VizNN: Visual Data Augmentation with Convolutional Neural Networks for Cybersecurity Investigation

From LRDE

Abstract

One of the key challenges of Security Operating Centers (SOCs) is to provide rich information to the security analyst to ease the investigation phase when facing a cyberattack. This requires combining supervision with detection capabilities. Supervision enables security analysts to gain an overview of the security state of the information system under protection. Detection uses advanced algorithms to extract suspicious events from the huge amount of traces produced by the system. To couple efficient supervision with high-performance detection, visualisation-based analysis is an appealing approach, which in addition provides an elegant solution for data augmentation and thus improved detection performance. We propose VizNN, a Convolutional Neural Network for analysing trace features through their graphical representation. VizNN makes it possible to gain a visual overview of the traces of interest, and Convolutional Neural Networks provide scalability. An evaluation of the proposed scheme is performed against reference classifiers for attack detection, XGBoost and Random Forests.


Bibtex (lrde.bib)

@InProceedings{raymon.21.urai,
  author	= {Raymond, A. and Brument, B. and Parrend, P.},
  title		= {{VizNN}: {V}isual Data Augmentation with Convolutional
		  Neural Networks for Cybersecurity Investigation},
  booktitle	= {Upper-Rhine Artificial Intelligence Symposium},
  month		= oct,
  year		= {2021},
  abstract	= {One of the key challenges of Security Operating Centers
		  (SOCs) is to provide rich information to the security
		  analyst to ease the investigation phase when facing a
		  cyberattack. This requires combining supervision with
		  detection capabilities. Supervision enables security
		  analysts to gain an overview of the security state of the
		  information system under protection. Detection uses
		  advanced algorithms to extract suspicious events from the
		  huge amount of traces produced by the system. To couple
		  efficient supervision with high-performance detection,
		  visualisation-based analysis is an appealing approach,
		  which in addition provides an elegant solution for data
		  augmentation and thus improved detection performance. We
		  propose VizNN, a Convolutional Neural Network for analysing
		  trace features through their graphical representation.
		  VizNN makes it possible to gain a visual overview of the
		  traces of interest, and Convolutional Neural Networks
		  provide scalability. An evaluation of the proposed scheme
		  is performed against reference classifiers for attack
		  detection, XGBoost and Random Forests.},
  x-international-audience={Yes},
  x-language	= {EN},
  url		= {http://icube-publis.unistra.fr/4-RBP21},
  nodoi		= {}
}