Preemptive Intrusion Detection
| Field | Value |
|---|---|
| Title | Preemptive Intrusion Detection |
| Publication Type | Conference Paper |
| Year of Publication | 2014 |
| Authors | Cao, Phuong; Chung, Key-whan; Kalbarczyk, Zbigniew; Iyer, Ravishankar; Slagell, Adam J. |
| Conference Name | Proceedings of the 2014 Symposium and Bootcamp on the Science of Security |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-2907-1 |
| Keywords | ACM CCS, CPS Technologies, credential stealing attack, cyber security, cyber-system, Data Driven Security Models and Analysis, factor graph, Foundations, graphical model, Intrusion Detection Systems, Intrusion/Anomaly Detection and Malware Mitigation, Modeling, science of security, security incident, Systems Engineering, tagging, timeliness |
| Abstract | This paper presents a system named SPOT to achieve high accuracy and preemptive detection of attacks. We use security logs of real incidents that occurred over a six-year period at the National Center for Supercomputing Applications (NCSA) to evaluate SPOT. Our data consists of attacks that led directly to the target system being compromised, i.e., not detected in advance, either by the security analysts or by intrusion detection systems. Our approach can detect 75 percent of attacks as early as minutes to tens of hours before attack payloads are executed. |
| URL | http://doi.acm.org/10.1145/2600176.2600197 |
| DOI | 10.1145/2600176.2600197 |
| Citation Key | Cao:2014:PID:2600176.2600197 |