Information and Software Assurance: A Coordinated Approach to Cyber-Situation Awareness Based on Traffic Anomaly Detection

Abstract

We are developing a suite of approaches for detecting anomalies in communication network traffic. While the methods are general and apply to many situations, we have primarily focused on methods to detect data exfiltration of unauthorized material from servers, repositories, and databases by malicious third parties. Our objective is to detect such attacks in their preparatory or early stage simply by observing the traffic that flows in and out of these repositories.

Document Details

Document Type: Technical Report
Publication Date: Apr 16, 2019
Accession Number: AD1079170

Entities

People

  • Christos G. Cassandras
  • Mark Crovella
  • Paul R. Barford
  • Yannis Paschalidis

Organizations

  • Boston University

Tags

Communities of Interest

  • Biomedical
  • C4I
  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Anomaly Detection
  • Change Detection
  • Computational Science
  • Computer Communications
  • Control Systems
  • Control Systems Engineering
  • Data Mining
  • Detectors
  • Electronic Mail
  • Information Science
  • Machine Learning
  • Network Science
  • Operations Research
  • Sensor Networks
  • Supervised Machine Learning
  • Systems Engineering
  • Wireless Sensor Networks

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Instructional Design and Training Evaluation
  • Systems Analysis and Design

Technology Areas

  • Cyber