382 research outputs found
Bayesian Models Applied to Cyber Security Anomaly Detection Problems
Cyber security is an important concern for all individuals, organisations and governments globally. Cyber attacks have become more sophisticated, frequent and dangerous than ever, and traditional anomaly detection methods have been proved to be less effective when dealing with these new classes of cyber threats. In order to address this, both classical and Bayesian models offer a valid and innovative alternative to the traditional signature-based methods, motivating the increasing interest in statistical research that has been observed in recent years. In this review, we provide a description of some typical cyber security challenges, typical types of data and statistical methods, paying special attention to Bayesian approaches for these problems.
Scalable architecture for online prioritization of cyber threats
This paper proposes an innovative framework for the early detection of several cyber attacks, where the main component is an analytics core that gathers streams of raw data generated by network probes, builds several layer models representing different activities of internal hosts, and analyzes intra-layer and inter-layer information. The online analysis of internal network activities at different levels distinguishes our approach from most detection tools and algorithms focusing on separate network levels or interactions between internal and external hosts. Moreover, the integrated multi-layer analysis carried out through parallel processing reduces false positives and guarantees scalability with respect to the size of the network and the number of layers. As a further contribution, the proposed framework executes autonomous triage by assigning a risk score to each internal host. This key feature allows security experts to focus their attention on the few hosts with higher scores rather than wasting time on thousands of daily alerts and false alarms.
- …