ADEN: Anomaly Detection Engine for Networks

Active / Technical Report | Accession Number: ADA598209

Abstract:

The ADEN team completed its first project year with a successful evaluation of the preliminary version of its detection engine. The advancing availability of data had a major influence on the direction of our work. We started with public data from Wikipedia for adversary detection by content analysis. With the availability of the synthetic datasets generated by CERT, we refocused our work to address relational data. Finally, the more comprehensive SureView collected at Raytheon gives us the opportunity to extend our anomaly detection engine with the design of a Combined Codebook consisting of a mix of textual, relational, and network-oriented variables that may all be linked to identifying insider threat.

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:
Approved For Public Release
Distribution Statement:
Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR