Detecting stealthy attacks: efficient monitoring of suspicious activities on computer networks.

Kalutarage, Harsha K.; Shaikh, Siraj A.; Wickramasinghe, Indika P.; Zhou, Qin; James, Anne E.

Authors

Harsha K. Kalutarage

Siraj A. Shaikh

Indika P. Wickramasinghe

Qin Zhou

Anne E. James



Abstract

Stealthy attackers move patiently through computer networks – taking days, weeks or months to accomplish their objectives in order to avoid detection. As networks scale up in size and speed, monitoring for such attack attempts is increasingly a challenge. This paper presents an efficient monitoring technique for stealthy attacks. It investigates the feasibility of the proposed method under a number of different test cases and examines how the design of the network affects detection. A methodological way of tracing anonymous stealthy activities to their approximate sources is also presented. Bayesian fusion, along with traffic sampling, is employed as a data reduction method. The proposed method has the ability to monitor stealthy activities using 10–20% size sampling rates without degrading the quality of detection.

Journal Article Type: Article
Publication Date: Oct 31, 2015
Journal: Computers and electrical engineering
Print ISSN: 0045-7906
Publisher: Elsevier
Peer Reviewed: Peer Reviewed
Volume: 47
Pages: 327-344
Institution Citation: KALUTARAGE, H.K., SHAIKH, S.A., WICKRAMASINGHE, I.P., ZHOU, Q. and JAMES, A.E. 2015. Detecting stealthy attacks: efficient monitoring of suspicious activities on computer networks. Computers and electrical engineering [online], 47, pages 327-344. Available from: https://doi.org/10.1016/j.compeleceng.2015.07.007
DOI: https://doi.org/10.1016/j.compeleceng.2015.07.007
Keywords: Stealthy attacks; Bayesian fusion; Network simulation; Traffic sampling; Anomaly detection
