UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Cerberus: Exploring Federated Prediction of Security Events

Naseri, Mohammad; Han, Yufei; Mariconti, Enrico; Shen, Yun; Stringhini, Gianluca; Cristofaro, Emiliano De; (2022) Cerberus: Exploring Federated Prediction of Security Events. In: Proceedings of the 29th ACM Conference on Computer and Communications Security (ACM CCS 2022). (pp. pp. 2337-2351). Association for Computing Machinery: Los Angeles, CA, USA. Green open access

[thumbnail of 2209.03050v1.pdf]
Preview
Text
2209.03050v1.pdf - Accepted Version

Download (1MB) | Preview

Abstract

Modern defenses against cyberattacks increasingly rely on proactive approaches, e.g., to predict the adversary's next actions based on past events. Building accurate prediction models requires knowledge from many organizations; alas, this entails disclosing sensitive information, such as network structures, security postures, and policies, which might often be undesirable or outright impossible. In this paper, we explore the feasibility of using Federated Learning (FL) to predict future security events. To this end, we introduce Cerberus, a system enabling collaborative training of Recurrent Neural Network (RNN) models for participating organizations. The intuition is that FL could potentially offer a middle-ground between the non-private approach where the training data is pooled at a central server and the low-utility alternative of only training local models. We instantiate Cerberus on a dataset obtained from a major security company's intrusion prevention product and evaluate it vis-a-vis utility, robustness, and privacy, as well as how participants contribute to and benefit from the system. Overall, our work sheds light on both the positive aspects and the challenges of using FL for this task and paves the way for deploying federated approaches to predictive security.

Type: Proceedings paper
Title: Cerberus: Exploring Federated Prediction of Security Events
Event: 29th ACM Conference on Computer and Communications Security (ACM CCS 2022)
Open access status: An open access version is available from UCL Discovery
DOI: 10.1145/3548606.3560580
Publisher version: https://doi.org/10.1145/3548606.3560580
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.
UCL classification: UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science
URI: https://discovery.ucl.ac.uk/id/eprint/10155762
Downloads since deposit
18Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item