Title :
A Cyber-Security Storm MAP
Author :
Ferebee, Denise ; Dasgupta, Dipankar ; Qishi Wu
Author_Institution :
Dept. of Comput. Sci., Univ. of Memphis, Memphis, TN, USA
Abstract :
When a cyber-security event occurs, a person has to answer the following questions: what events are happening, where are the events occurring, and how much damage has occurred or will occur. This paper recommends a cyber-security monitoring system that provides correlation of time-series event data, a visual representation of the security events, and a predictive forecast of potential events based on known environmental states. The rationale for this comes from the need to have an overall view of security events or storms that are occurring on a network while providing information in reference to severity and a propagation pattern. Thus, it can potentially provide an early warning so that events or storms can be proactively mitigated. In addition, it can help in making business decisions by determining or understanding the relationship between the computing devices and the business/information technology services they make up.
Keywords :
business data processing; computer network security; decision making; time series; business decision making; cyber-security event; cyber-security monitoring system; cyber-security storm; early warning; environmental states; information technology services; network security events; predictive forecast; propagation pattern; security events; time series event data correlation; visual representation; Cyber-security; event correlation; information visualization; levels of abstraction; security event;
Conference_Title :
Cyber Security (CyberSecurity), 2012 International Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4799-0219-4
DOI :
10.1109/CyberSecurity.2012.19