Abstract
Uncertainty quantification of cybersecurity anomaly detection results provides critical guidance for decision makers on whether or not to accept the results. Improving the trustworthiness of anomaly predictions can reduce the amount of alert false positives that security teams have to process. In this work we investigate the use of Bayesian Autoencoder (BAE) models for uncertainty quantification in anomaly detection. A novel heteroscedastic aleatoric uncertainty modelling method is explored that jointly considers aleatoric and epistemic uncertainty. Heteroscedastic aleatoric uncertainty is modelled on the latent layer of the BAE and further explored through considering the variational lower bound. An uncertainty quantification framework for cybersecurity is designed and verified on UNSW-NB15 and CIC-IDS-2017 data sets. This research enhances the modelling of uncertainty in the BAE model and expands its application in cybersecurity.
Original language | English |
---|---|
Article number | 103909 |
Journal | Computers and Security |
Volume | 144 |
DOIs | |
Publication status | Published - Sep 2024 |
Keywords
- Anomaly probability
- Bayesian autoencoder
- Cybersecurity
- Heteroscedastic noise
- Uncertainty quantification