Combining rule-based system and machine learning to classify semi-natural language data

---

作者

Zafar Hussain¹ , Jukka Nurminen¹ , Tommi Mikkonen¹

1. University of Helsinki

会议/活动

Intellisys, 2022, September 2022 (Amsterdam, Netherlands)

海报摘要

Computer vulnerabilities can be exploited in a variety of ways. Malicious actors may use a specific exploit, a secret pathway to enter a computer system, or a misconfiguration in one of the system components. In most of these attacks, malicious actors aim to run malicious programs through command-lines. One way to detect malicious activities on a machine is by analyzing the structure of command-lines. The detection can be based on a combination of different methods from rule engines to more advanced machine learning methods. These methods compare a new command-line to existing ones and classify it as similar or not-similar to any existing groups of command-lines. This helps in creating clusters of similar command-lines and identifying them as safe or malicious. As rule-based and Machine Learning (ML) approaches have distinct strengths, an attractive option is to use their combination as a hybrid approach to classify the command-lines.

关键词

Commands, Document classification, Hybrid approach

研究领域

Computer and Information Science

参考文献

暂无数据

基金

暂无数据

补充材料

暂无数据

附加信息

利益冲突

No competing interests were disclosed.

数据可用性声明

The datasets generated during and / or analyzed during the current study are available from the corresponding author on reasonable request.

知识共享许可协议

Copyright © 2023 Hussain et al. This is an open access work distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.