A Novel Approach to Intrusion Detection Using a Cognitively-Inspired Algorithm
Files
Date
2024-01-03
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Narrator
Transcriber
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
954
Ending Page
Alternative Title
Abstract
We propose a novel algorithm for white-box intrusion detection using a cognitive model consistent with the principles of instance-based learning theory. Cognitive models inherit both mechanism and limitations from cognitive architectures implementing unified theories of human cognition. The mechanisms endow the models with powerful characteristics of human cognition, including robustness, generalization and adaptivity. Expanding upon previous research in malware identification and personalized deceptive signaling, the present paper presents a cognitive model able to achieve over 70% accuracy identifying anomalous (vs normal) traffic on the UNSW-NB15 dataset with only 8 features and using only one sample from each attack and 9 normal samples. Accuracy linearly increases to over 85% using up to 100x more samples. A cognitively-inspired salience algorithm then shows the relative impact of each feature driving correct vs incorrect classifications. Implications for integrating this algorithm with human operators are discussed.
Description
Keywords
Cyber Deception and Cyberpsychology for Defense, cognitive model, cybersecurity, intrusion detection, salience
Citation
Extent
10 pages
Format
Geographic Location
Time Period
Related To
Proceedings of the 57th Hawaii International Conference on System Sciences
Related To (URI)
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Local Contexts
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.