C&ESAR 2018 / Intelligent Thresholding
Frédéric Guihery, Damien Crémilleux, AMOSSYS & SEKOIA
Intrusion Detection Systems (IDS) have made a great progressfor decades but even with the increasing power of AI, we struggle to de-sign a general machine able to detect all kinds of cyber-attacks, especiallythose still unknown a.k.a. zero-day. Indeed, one reason why previous ap-proaches failed can be the complexity of the cyber-security field. How-ever, some research works on anomaly detection have made significativeprogress on aspects related to real-world issues. In particular, the cali-bration of the algorithms does not draw as much attention as their per-formance while all the intelligence can vanish through fine-tuning steps.Here, we tackle issues around the final decision threshold and show howit can be cleverly set.