Harsha K. Kalutarage
Detecting stealthy attacks: efficient monitoring of suspicious activities on computer networks.
Kalutarage, Harsha K.; Shaikh, Siraj A.; Wickramasinghe, Indika P.; Zhou, Qin; James, Anne E.
Stealthy attackers move patiently through computer networks – taking days, weeks or months to accomplish their objectives in order to avoid detection. As networks scale up in size and speed, monitoring for such attack attempts is increasingly a challenge. This paper presents an efficient monitoring technique for stealthy attacks. It investigates the feasibility of the proposed method under a number of different test cases and examines how the design of the network affects detection. A methodological way of tracing anonymous stealthy activities to their approximate sources is also presented. Bayesian fusion along with traffic sampling is employed as a data reduction method. The proposed method has the ability to monitor stealthy activities using 10–20% size sampling rates without degrading the quality of detection.
| Field | Value |
|---|---|
| Journal Article Type | Article |
| Publication Date | Oct 31, 2015 |
| Journal | Computers and electrical engineering |
| Peer Reviewed | Peer Reviewed |
| Institution Citation | KALUTARAGE, H.K., SHAIKH, S.A., WICKRAMASINGHE, I.P., ZHOU, Q. and JAMES, A.E. 2015. Detecting stealthy attacks: efficient monitoring of suspicious activities on computer networks. Computers and electrical engineering [online], 47, pages 327-344. Available from: https://doi.org/10.1016/j.compeleceng.2015.07.007 |
| Keywords | Stealthy attacks; Bayesian fusion; Network simulation; Traffic sampling; Anomaly detection |