Predictions of Network Attacks in Collaborative Environment

Logo poskytovatele

Varování

Publikace nespadá pod Filozofickou fakultu, ale pod Ústav výpočetní techniky. Oficiální stránka publikace je na webu muni.cz.
Autoři

HUSÁK Martin ČELEDA Pavel

Rok publikování 2020
Druh Článek ve sborníku
Konference NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium
Fakulta / Pracoviště MU

Ústav výpočetní techniky

Citace
www https://ieeexplore.ieee.org/document/9110472
Doi http://dx.doi.org/10.1109/NOMS47738.2020.9110472
Klíčová slova intrusion detection;alert correlation;information sharing;collaboration;prediction;situational awareness
Přiložené soubory
Popis This paper is a digest of the thesis on predicting cyber attacks in a collaborative environment. While previous works mostly focused on predicting attacks as seen from a single observation point, we proposed taking advantage of collaboration and exchange of intrusion detection alerts among organizations and networks. Thus, we can observe the cyber attack on a large scale and predict the next action of an adversary and its target. The thesis follows the three levels of cyber situational awareness: perception, comprehension, and projection. In the perception phase, we discuss the improvements of intrusion detection systems that allow for sharing intrusion detection alerts and their correlation. In the comprehension phase, we employed data mining to discover frequent attack patterns. In the projection phase, we present the analytical framework for the predictive analysis of the alerts backed by data mining and contemporary data processing approaches. The results are shown from experimental evaluation in the security alert sharing platform SABU, where real-world alerts from Czech academic and commercial networks are shared. The thesis is accompanied by the implementation of the analytical framework and a dataset that provides a baseline for future work.
Související projekty:

Používáte starou verzi internetového prohlížeče. Doporučujeme aktualizovat Váš prohlížeč na nejnovější verzi.