A Multi-scale Cognitive Approach to Intrusion Detection and Response

Abstract

The goal of this research is to create an architecture for multi-scale analysis of emergent behavior for network security. Our system will analyze network behaviors ranging from entire system behavior down to the packet level, treating attackers' behavior as a complex nonlinear behavioral system. The significance of this project is that it represents a completely new direction in intrusion detection research. Previous work has focused on analysis of individual alerts and sensor readings, rather than on analysis of the dynamics of global patterns of alerts and sensors. A major subgoal of this work is to evaluate data mining methods in cybersecurity. There is a large body of published work, but little has been migrated into products. We need to find which methods work best and why the others fail.

Document Details

Document Type
Technical Report
Publication Date
Dec 28, 2015
Accession Number
AD1053425

Entities

People

  • David Benjamin

Organizations

  • Pace University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computers
  • Computing System Architectures
  • Cybersecurity
  • Data Mining
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Machine Learning
  • Network Topology
  • Operating Systems
  • Simulators
  • Statistical Analysis
  • Students
  • Virtual Machines

Readers

  • Cybersecurity.
  • Neural Network Machine Learning.
  • Theoretical Analysis.

Technology Areas

  • AI & ML
  • Cyber