Cyber Informedness: A New Metric using CVSS to Increase Trust in Intrusion Detection Systems

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference Pub Date : 2023-06-14 DOI:10.1145/3590777.3590786

Robin Duraz, D. Espès, Julien Francq, Sandrine Vaton

{"title":"Cyber Informedness: A New Metric using CVSS to Increase Trust in Intrusion Detection Systems","authors":"Robin Duraz, D. Espès, Julien Francq, Sandrine Vaton","doi":"10.1145/3590777.3590786","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems (IDSs) are essential cybersecurity components. Previous cyberattack detection methods relied more on signatures and rules to detect cyberattacks, although there has been a change in paradigm in the last decade, with Machine Learning (ML) enabling more efficient and flexible statistical methods. However, ML is currently unable to integrate cybersecurity information into its inner workings. This paper introduces Cyber Informedness, a new metric taking into account cybersecurity information to give a more informed representation of performance, influenced by the severity of the attacks encountered. This metric uses a de facto standard in cybersecurity: the Common Vulnerability Scoring System (CVSS). Results on two public datasets show that this new metric validates results obtained with generic metrics. Furthermore, this new metric highlights ML-based IDSs that prioritize high performance on severe attacks, which is not visible with generic metrics. Consequently, this new metric nicely completes generic metrics by bridging the gap between ML and cybersecurity.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"124 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3590777.3590786","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Intrusion Detection Systems (IDSs) are essential cybersecurity components. Previous cyberattack detection methods relied more on signatures and rules to detect cyberattacks, although there has been a change in paradigm in the last decade, with Machine Learning (ML) enabling more efficient and flexible statistical methods. However, ML is currently unable to integrate cybersecurity information into its inner workings. This paper introduces Cyber Informedness, a new metric taking into account cybersecurity information to give a more informed representation of performance, influenced by the severity of the attacks encountered. This metric uses a de facto standard in cybersecurity: the Common Vulnerability Scoring System (CVSS). Results on two public datasets show that this new metric validates results obtained with generic metrics. Furthermore, this new metric highlights ML-based IDSs that prioritize high performance on severe attacks, which is not visible with generic metrics. Consequently, this new metric nicely completes generic metrics by bridging the gap between ML and cybersecurity.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

网络信息:使用CVSS增加入侵检测系统信任的新度量

入侵检测系统(ids)是网络安全的重要组成部分。以前的网络攻击检测方法更多地依赖于签名和规则来检测网络攻击，尽管在过去十年中，随着机器学习(ML)实现更高效、更灵活的统计方法，范式发生了变化。然而，ML目前无法将网络安全信息集成到其内部工作中。本文介绍了网络信息性，这是一种新的度量标准，考虑到网络安全信息，在遇到攻击严重程度的影响下，给出更明智的性能表示。该指标使用了网络安全领域的实际标准:通用漏洞评分系统(CVSS)。在两个公共数据集上的结果表明，这个新度量验证了用通用度量获得的结果。此外，这个新指标突出了基于ml的ids，它优先考虑对严重攻击的高性能，这在一般指标中是不可见的。因此，这个新指标通过弥合机器学习和网络安全之间的差距，很好地完成了通用指标。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference

自引率

0.00%

发文量