Towards trustworthy cybersecurity operations using Bayesian Deep Learning to improve uncertainty quantification of anomaly detection

Tengfei Yang, Yuansong Qiao, Brian Lee

Research output: Contribution to journalArticlepeer-review

2 Citations (Scopus)

Abstract

Uncertainty quantification of cybersecurity anomaly detection results provides critical guidance for decision makers on whether or not to accept the results. Improving the trustworthiness of anomaly predictions can reduce the amount of alert false positives that security teams have to process. In this work we investigate the use of Bayesian Autoencoder (BAE) models for uncertainty quantification in anomaly detection. A novel heteroscedastic aleatoric uncertainty modelling method is explored that jointly considers aleatoric and epistemic uncertainty. Heteroscedastic aleatoric uncertainty is modelled on the latent layer of the BAE and further explored through considering the variational lower bound. An uncertainty quantification framework for cybersecurity is designed and verified on UNSW-NB15 and CIC-IDS-2017 data sets. This research enhances the modelling of uncertainty in the BAE model and expands its application in cybersecurity.

Original languageEnglish
Article number103909
JournalComputers and Security
Volume144
DOIs
Publication statusPublished - Sep 2024

Keywords

  • Anomaly probability
  • Bayesian autoencoder
  • Cybersecurity
  • Heteroscedastic noise
  • Uncertainty quantification

Cite this