User Selection of Clusters and Classifiers in BBAC

Abstract : The Behavior-Based Access Control (BBAC) project seeks to address the increasingly sophisticated attacks and attempts to exfiltrate or corrupt critical sensitive information. BBAC uses statistical machine learning techniques (clustering and classification) to make predictions about the intent of actors establishing TCP connections and HTTP requests. Administrators will need to assign new computers to appropriate clusters, to be alerted about changes in cluster assignments, to select classifiers and settings to use, and to monitor accuracy of the system. We discuss the requirements and our current approach in this Interactive ML application domain.