International Journal of Communications, Network and System Sciences

Volume 5, Issue 9 (September 2012)

ISSN Print: 1913-3715   ISSN Online: 1913-3723

Network Intrusion Detection and Visualization Using Aggregations in a Cyber Security Data Warehouse

PP. 593-602
DOI: 10.4236/ijcns.2012.529069

ABSTRACT

The challenge of achieving situational understanding is a limiting factor in effective, timely, and adaptive cyber-security analysis. Anomaly detection fills a critical role in network assessment and trend analysis, both of which underlie the establishment of comprehensive situational understanding. To that end, we propose a cyber security data warehouse implemented as a hierarchical graph of aggregations that captures anomalies at multiple scales. Each node of our proposed graph is a summarization table of cyber event aggregations, and the edges are aggregation operators. The cyber security data warehouse enables domain experts to quickly traverse a multi-scale aggregation space systematically. We describe the architecture of a test bed system and a summary of results on the IEEE VAST 2012 Cyber Forensics data.

Share and Cite:

B. Denny Czejdo, E. M. Ferragut, J. R. Goodall and J. Laska, "Network Intrusion Detection and Visualization Using Aggregations in a Cyber Security Data Warehouse," International Journal of Communications, Network and System Sciences, Vol. 5 No. 9A, 2012, pp. 593-602. doi: 10.4236/ijcns.2012.529069.

Copyright © 2024 by authors and Scientific Research Publishing Inc.

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.