Beyond Data: Contextual Information Fusion for Cyber Security Analytics
Title | Beyond Data: Contextual Information Fusion for Cyber Security Analytics |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | AlEroud, Ahmed; Karabatis, George |
Conference Name | Proceedings of the 31st Annual ACM Symposium on Applied Computing |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-3739-7 |
Keywords | composability, Context, IDS, information fusion, Intrusion detection, Intrusion Detection System (IDS), Intrusion Detection Systems, pubcrawl, Resiliency, security |
Abstract | A major challenge of the existing attack detection approaches is the identification of relevant information to a particular situation, and the use of such information to perform multi-evidence intrusion detection. Addressing such a limitation requires integrating several aspects of context to better predict, avoid and respond to impending attacks. The quality and adequacy of contextual information is important to decrease uncertainty and correctly identify potential cyber-attacks. In this paper, a systematic methodology has been used to identify contextual dimensions that improve the effectiveness of detecting cyber-attacks. This methodology combines graph, probability, and information theories to create several context-based attack prediction models that analyze data at a high- and low-level. An extensive validation of our approach has been performed using a prototype system and several benchmark intrusion detection datasets yielding very promising results. |
URL | http://doi.acm.org/10.1145/2851613.2851636 |
DOI | 10.1145/2851613.2851636 |
Citation Key | aleroud_beyond_2016 |