A Multi-scale Cognitive Approach to Intrusion Detection and Response
Technical Report, 28 Jul 2010, 27 Jul 2014
Pace University New York United States
The goal of this research is to create an architecture for multi-scale analysis of emergent behavior for network security. Our system will analyze network behaviors ranging from entire system behavior down to the packet level, treating attackers' behavior as a complex nonlinear behavioral system. The significance of this project is that it represents a completely new direction in intrusion detection research. Previous work has focused on analysis of individual alerts and sensor readings, rather than on analysis of the dynamics of global patterns of alerts and sensors. A major subgoal of this work is to evaluate data mining methods in cybersecurity. There is a large body of published work, but little has been migrated into products. We need to find which methods work best and why the others fail.
- Computer Systems Management and Standards