DocumentCode
1628057
Title
Time Series Analysis for Cyberthreat Detection and Prevention
Author
Chirosca, Alecsandru ; Chirosca, Gianina
Author_Institution
Dept. of Nucl. Phys., Univ. of Bucharest, Bucharest, Romania
fYear
2013
Firstpage
231
Lastpage
235
Abstract
IT infrastructure exposed to Internet for a period of time, will inevitably expose it to attacks with viruses (worms or trojans). Our current available methods are known not to be full-proof for their prevention and in the worst case the detection of computer system with unauthorized (remote) access. This paper proposes and extended method, applying time series techniques while evaluating the network transfer data. The proposed method tries to improve the detection of abnormal network activity, thus providing a better trigger for other more costly solutions. The downside of this approach is that the system must be informed about changes in networks services and content and still needs a lot of data to be collected in order to provide accurate results. Correlated with netflow® LAN data, the method can be used to identify network stations that are infected with viruses not detected by the installed antivirus solution or stations with compromised security systems.
Keywords
Internet; authorisation; computer network security; computer viruses; local area networks; time series; Internet; abnormal network activity detection; compromised security systems; cyberthreat detection; cyberthreat prevention; netflow LAN data; network stations; network transfer data; time series analysis; trojans; unauthorized remote access; viruses; worms; Fourier Transform; LAN monitoring; Wavelet transform; cyberthreat; datacenter administration; timeseries analysis;
fLanguage
English
Publisher
ieee
Conference_Titel
Developments in eSystems Engineering (DeSE), 2013 Sixth International Conference on
Conference_Location
Abu Dhabi
ISSN
2161-1343
Print_ISBN
978-1-4799-5263-2
Type
conf
DOI
10.1109/DeSE.2013.49
Filename
7041122
Link To Document