An integrated cyber security monitoring system using correlation-based techniques

Qishi Wu, Denise Ferebee, Yunyue Lin, Dipankar Dasgupta

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

12 Scopus citations

Abstract

We propose an adaptive cyber security monitoring system that integrates a number of component techniques to collect time-series situation information, perform intrusion detection, keep track of event evolution, and characterize and identify security events so corresponding defense actions can be taken in a timely and effective manner. Particularly, we employ a decision fusion algorithm with analytically proven performance guarantee for intrusion detection based on local votes from distributed sensors. Different from the traditional rule-based pattern matching technique, security events in the proposed system are represented in a graphical form of correlation networks using random matrix theory and identified through the computation of network similarity measurement. Extensive simulation results on event identification illustrate the efficacy of the proposed system.

Index Terms: Cyber security, decision fusion, event correlation, random matrix theory.

Original language: English (US)
Title of host publication: 2009 IEEE International Conference on System of Systems Engineering, SoSE 2009
State: Published - Dec 1 2009
Externally published: Yes
Event: 2009 IEEE International Conference on System of Systems Engineering, SoSE 2009 - Albuquerque, NM, United States
Duration: May 30 2009 to Jun 3 2009

Publication series

Name: 2009 IEEE International Conference on System of Systems Engineering, SoSE 2009

Other

Other: 2009 IEEE International Conference on System of Systems Engineering, SoSE 2009
Country/Territory: United States
City: Albuquerque, NM
Period: 5/30/09 to 6/3/09

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Electrical and Electronic Engineering
