BUSTECH 2020, The Tenth International Conference on Business Intelligence and Technology
Authors:
Stephen Jacob
Yuansong Qiao
Paul Jacob
Brian Lee
Keywords: Process Mining; Deep Learning; Recurrent Neural Networks; LSTM; Cyber Security
Abstract:
Due to the number of cyber attacks targeting business organisations daily, anomaly detection software generates large numbers of alerts. While this information is invaluable to Incident Response Teams, one problem is to prioritize these alerts and to distinguish between those that signal a serious threat to network enterprises and low priority alerts. One approach is to use a model that relates an organisation’s missions, processes, services and infrastructure. By predicting future events in existing business processes, and subsequently using this model to identify associated services and infrastructure, cyber security personnel can prioritize critical alerts that threaten these assets. Long Short Term Memory based deep learning models are suited to modeling sequential data, and in particular can model long term dependencies in sequences. This paper evaluates the use of such models to predict subsequent events in ongoing cases. Two training techniques are applied to four data sets. The techniques are evaluated with respect to the accuracy of the predictions and their performance on predicting frequent and infrequent events.
Pages: 13 to 19
Copyright: Copyright (c) IARIA, 2020
Publication date: April 26, 2020
Published in: conference
ISSN: 2308-4391
ISBN: 978-1-61208-785-6
Location: Nice, France
Dates: from October 25, 2020 to October 29, 2020