Monitoring security events using integrated Correlation-based techniques

Qishi Wu, Denise Ferebee, Yunyue Lin, Dipankar Dasgupta

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Scopus citations

Abstract

We propose an adaptive cyber security monitoring system that integrates a number of component techniques to collect time-series situation information, perform intrusion detection, and characterize and identify security events so corresponding defense actions can be taken in a timely and effective manner. We employ a decision fusion algorithm with analytically proven performance guarantee for intrusion detection based on local votes from distributed sensors. The security events in the proposed system are represented as forms of correlation networks using random matrix theory and identified through the computation of network similarity measurement. Extensive simulation results on event identification illustrate the efficacy of the proposed system.

Original language: English (US)
Title of host publication: CSIIRW09
Subtitle of host publication: Fifth Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies
State: Published - Nov 9 2009
Externally published: Yes
Event: CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies - Oak Ridge, TN, United States
Duration: Apr 13 2009 to Apr 15 2009

Publication series

Name: ACM International Conference Proceeding Series

Other

Other: CSIIRW 2009: 5th Annual Cyber Security and Information Intelligence Research Workshop: Cyber Security and Information Intelligence Challenges and Strategies
Country/Territory: United States
City: Oak Ridge, TN
Period: 4/13/09 to 4/15/09

All Science Journal Classification (ASJC) codes

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Keywords

  • Cyber security
  • Event correlation
  • Random matrix theory
