TY - GEN
T1 - An integrated cyber security monitoring system using correlation-based techniques
AU - Wu, Qishi
AU - Ferebee, Denise
AU - Lin, Yunyue
AU - Dasgupta, Dipankar
PY - 2009
Y1 - 2009
N2 - We propose an adaptive cyber security monitoring system that integrates a number of component techniques to collect time-series situation information, perform intrusion detection, keep track of event evolution, and characterize and identify security events so corresponding defense actions can be taken in a timely and effective manner. Particularly, we employ a decision fusion algorithm with an analytically proven performance guarantee for intrusion detection based on local votes from distributed sensors. Different from the traditional rule-based pattern matching technique, security events in the proposed system are represented in a graphical form of correlation networks using random matrix theory and identified through the computation of a network similarity measurement. Extensive simulation results on event identification illustrate the efficacy of the proposed system. Index Terms: Cyber security, decision fusion, event correlation, random matrix theory.
AB - We propose an adaptive cyber security monitoring system that integrates a number of component techniques to collect time-series situation information, perform intrusion detection, keep track of event evolution, and characterize and identify security events so corresponding defense actions can be taken in a timely and effective manner. Particularly, we employ a decision fusion algorithm with an analytically proven performance guarantee for intrusion detection based on local votes from distributed sensors. Different from the traditional rule-based pattern matching technique, security events in the proposed system are represented in a graphical form of correlation networks using random matrix theory and identified through the computation of a network similarity measurement. Extensive simulation results on event identification illustrate the efficacy of the proposed system. Index Terms: Cyber security, decision fusion, event correlation, random matrix theory.
UR - http://www.scopus.com/inward/record.url?scp=74949107111&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=74949107111&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:74949107111
SN - 9781424421732
T3 - 2009 IEEE International Conference on System of Systems Engineering, SoSE 2009
BT - 2009 IEEE International Conference on System of Systems Engineering, SoSE 2009
T2 - 2009 IEEE International Conference on System of Systems Engineering, SoSE 2009
Y2 - 30 May 2009 through 3 June 2009
ER -