Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks
Data(s) |
01/10/2015
|
---|---|
Resumo |
<p>Stealthy attackers move patiently through computer networks - taking days, weeks or months to accomplish their objectives in order to avoid detection. As networks scale up in size and speed, monitoring for such attack attempts is increasingly a challenge. This paper presents an efficient monitoring technique for stealthy attacks. It investigates the feasibility of proposed method under number of different test cases and examines how design of the network affects the detection. A methodological way for tracing anonymous stealthy activities to their approximate sources is also presented. The Bayesian fusion along with traffic sampling is employed as a data reduction method. The proposed method has the ability to monitor stealthy activities using 10-20% size sampling rates without degrading the quality of detection.</p> |
Identificador |
http://dx.doi.org/10.1016/j.compeleceng.2015.07.007 http://www.scopus.com/inward/record.url?scp=84937142760&partnerID=8YFLogxK |
Idioma(s) |
eng |
Direitos |
info:eu-repo/semantics/restrictedAccess |
Fonte |
Kalutarage , H K , Shaikh , S A , Wickramasinghe , I P , Zhou , Q & James , A E 2015 , ' Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks ' Computers and Electrical Engineering , vol 47 , pp. 327-344 . DOI: 10.1016/j.compeleceng.2015.07.007 |
Palavras-Chave | #Anomaly detection #Bayesian fusion #Network simulation #Stealthy attacks #Traffic sampling #/dk/atira/pure/subjectarea/asjc/1700 #Computer Science(all) #/dk/atira/pure/subjectarea/asjc/2200/2208 #Electrical and Electronic Engineering #/dk/atira/pure/subjectarea/asjc/2200/2207 #Control and Systems Engineering |
Tipo |
article |