Mobile QR Code QR CODE : The Transactions of the Korean Institute of Electrical Engineers
Title A Study on AI algorithms to Improve Precision Rate in a Managed Security Service
Authors 최승환(Seunghwan Choi) ; 장민해(Minhae Jang) ; 김명수(Myongsoo Kim)
DOI https://doi.org/10.5370/KIEE.2020.69.7.1046
Page pp.1046-1052
ISSN 1975-8359
Keywords Managed Security Service; Feature Analysis; Dataset; IPS event; Precision Rate; AI
Abstract Cyber attacks are becoming intelligent and mass-produced. Thus, precision rate is very important in terms of a managed security service. Currently, cyber attacks are detected using various security protection devices and mass security events from the security devices are inevitable. Most devices are carring out defense on predetermined rulesets. Due to the problem of classifying non-attacks as attacks, people are unable to handle massive events log. Researches have been conducted to solve this problem by fine-tuning rulesets, but there is a limit to improving precision rate. As a solution, applying AI technology to the security monitoring areas have been researched in recent years. However, research on improving precision rate, which is the basis of managed security service, has not been conducted as much. In addition, the dataset used in the research is different from the log collected in the security devices in the real environment. This paper describes the logs that can be collected in the real network environment, the datasets that are used in the past studies, and artificial intelligence algorithm research for improving precision rate based on datasets collected in real network.