Bayesian Learning Networks Approach to Cybercrime Detection

The growing dependence of modern society on telecommunication and information networks has become inevitable. The increase in the number of interconnected networks to the Internet has led to an increase in security threats and cybercrimes such as Distributed Denial of Service (DDoS) attacks. Any Internet based attack typically is prefaced by a reconnaissance probe process, which might take just a few minutes, hours, days, or even months before the attack takes place. In order to detect distributed network attacks as early as possible, an under research and development probabilistic approach, which is known by Bayesian networks has been proposed. This paper shows how probabilistically Bayesian network detects communication network attacks, allowing for generalization of Network Intrusion Detection Systems (NIDSs). Learning Agents which deploy Bayesian network approach are considered to be a promising and useful tool in determining suspicious early events of Internet threats and consequently relating them to the following occurring activities.Peer reviewe

Off-line Signature Verification Based on Fusion of Grid and Global Features Using Neural Networks

Signature is widely used and developed area of research for personal verification and authentication. In this paper Off-line Signature Verification Based on Fusion of Grid and Global Features Using Neural Networks (SVFGNN) is presented. The global and grid features are fused to generate set of features for the verification of signature. The test signature is compared with data base signatures based on the set of features and match/non match of signatures is decided with the help of Neural Network. The performance analysis is conducted on random, unskilled and skilled signature forgeries along with genuine signatures. It is observed that FAR and FRR results are improved in the proposed method compared to the existing algorithm

Malware in the Future? Forecasting of Analyst Detection of Cyber Events

There have been extensive efforts in government, academia, and industry to anticipate, forecast, and mitigate cyber attacks. A common approach is time-series forecasting of cyber attacks based on data from network telescopes, honeypots, and automated intrusion detection/prevention systems. This research has uncovered key insights such as systematicity in cyber attacks. Here, we propose an alternate perspective of this problem by performing forecasting of attacks that are analyst-detected and -verified occurrences of malware. We call these instances of malware cyber event data. Specifically, our dataset was analyst-detected incidents from a large operational Computer Security Service Provider (CSSP) for the U.S. Department of Defense, which rarely relies only on automated systems. Our data set consists of weekly counts of cyber events over approximately seven years. Since all cyber events were validated by analysts, our dataset is unlikely to have false positives which are often endemic in other sources of data. Further, the higher-quality data could be used for a number for resource allocation, estimation of security resources, and the development of effective risk-management strategies. We used a Bayesian State Space Model for forecasting and found that events one week ahead could be predicted. To quantify bursts, we used a Markov model. Our findings of systematicity in analyst-detected cyber attacks are consistent with previous work using other sources. The advanced information provided by a forecast may help with threat awareness by providing a probable value and range for future cyber events one week ahead. Other potential applications for cyber event forecasting include proactive allocation of resources and capabilities for cyber defense (e.g., analyst staffing and sensor configuration) in CSSPs. Enhanced threat awareness may improve cybersecurity.Comment: Revised version resubmitted to journa