Title :
Toward Ensemble Characterization and Projection of Multistage Cyber Attacks
Author :
Du, Haitao ; Liu, Daniel F. ; Holsopple, Jared ; Yang, Shanchieh Jay
Author_Institution :
Dept. of Comput. Eng., Rochester Inst. of Technol., Rochester, NY, USA
Abstract :
With expanding network infrastructures, increasing vulnerabilities and uncertain malicious activities, cyber security research has begun to provide situation assessment beyond Intrusion Detection Systems (IDSs). A key goal of cyber situation assessment is to efficiently and effectively project the likely future targets of ongoing multistage attacks. This work presents two ensemble techniques that combine real-time projection algorithms modeling the behavior, capability, and opportunity of malicious activities in a network. Sugeno fuzzy inference system and Transferable Belief Model are used to combine supporting evidence and resolve conflicts between the algorithm outputs. The two ensemble techniques are analyzed and compared using simulated attack datasets generated for varying network environments and attack parameters. The results are discussed to reveal the benefits and limitations of individual algorithms and ensemble techniques.
Keywords :
computer network security; inference mechanisms; security of data; Sugeno fuzzy inference system; computer network security; cyber situation assessment; intrusion detection systems; multistage cyber attacks; network infrastructures; transferable belief model; Complexity theory; Computational modeling; IP networks; Markov processes; Projection algorithms; Reliability; Servers;
Conference_Titel :
Computer Communications and Networks (ICCCN), 2010 Proceedings of 19th International Conference on
Conference_Location :
Zurich
Print_ISBN :
978-1-4244-7114-0
DOI :
10.1109/ICCCN.2010.5560087
