Data Mining in Cyber Operations

Abstract

The dynamic nature of the cyberspace environment presents opportunities for both attackers and defenders to conduct complex cyber operations in serial or parallel across multiple networks and systems. Defensive operators must be vigilant to identify new attack vectors, real-time attacks as they happen, and signs of attacks that have gotten through the security perimeter. This means that defenders must continuously sift through vast amounts of sensor data, a task that could be made more efficient with advances in data mining techniques to accurately map the attack surface, collect and integrate data, synchronize time, select features, develop models, extract knowledge, and produce useful visualizations. Effective techniques would enable models that describe the dynamic behavior of complicated attacks and failures and allow defenders to detect and differentiate simultaneous sophisticated attacks on a target network.

Document Details

Document Type: Technical Report
Publication Date: Jul 01, 2014
Accession Number: ADA604794

Entities

People

  • Brandon Froberg
  • George Corbin
  • Jonathan Williams
  • Kevin Nelson
  • Misty Blowers
  • Stean Fernandez

Organizations

  • Air Force Research Laboratory

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Big Data
  • Computer Networks
  • Cyber Warfare
  • Cyberspace
  • Cyberspace Operations
  • Data Mining
  • Detection
  • Detectors
  • Dimensionality Reduction
  • Intrusion Detection
  • Machine Learning
  • Network Protocols
  • Network Science
  • Security
  • Supervised Machine Learning

Fields of Study

  • Computer science

Readers

  • Computer Vision
  • Irregular Warfare and Special Operations Cyberspace Operations against Adversarial Threats
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • Cyber