Accession Number:

AD1053425

Title:

A Multi-scale Cognitive Approach to Intrusion Detection and Response

Descriptive Note:

Technical Report, 28 Jul 2010, 27 Jul 2014

Corporate Author:

Pace University New York United States

Personal Author(s):

Report Date:

2015-12-28

Pagination or Media Count:

11.0

Abstract:

The goal of this research is to create an architecture for multi-scale analysis of emergent behavior for network security. Our system will analyze network behaviors ranging from entire system behavior down to the packet level, treating attackers' behavior as a complex nonlinear behavioral system. The significance of this project is that it represents a completely new direction in intrusion detection research. Previous work has focused on analysis of individual alerts and sensor readings, rather than on analysis of the dynamics of global patterns of alerts and sensors. A major subgoal of this work is to evaluate data mining methods in cybersecurity. There is a large body of published work, but little has been migrated into products. We need to find which methods work best and why the others fail.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE