Intrusion Detection Forecasting Using Time Series for Improving Cyber Defence

Authors: Azween Bin Abdullah, Thulasyammal Ramiah Pillai, Long Zheng Cai

DOI: 10.18201/IJISAE.83441

Keywords: Point (geometry); Autoregressive–moving-average model; Cyber defense; Intrusion detection system; Order (exchange); Range (statistics); Series (mathematics); Artificial intelligence; Data mining; Machine learning; Resource allocation; Computer science

Abstract: The strength of time series modeling is generally not used in current intrusion detection and prevention systems. With time series models, system administrators would be able to better plan resource allocation and readiness to defend against malicious activities. In this paper, we address this gap by investigating the inclusion of a statistical time series model that can be seamlessly integrated into an existing cyber defense system. Cyber-attack processes exhibit long-range dependence, and to capture this property a new class of Generalized Autoregressive Moving Average (GARMA) models is used. A GARMA(1, 1; 1, δ) model is fitted to cyber-attack data sets using two different estimation methods. Point forecasts that predict the attack rate possibly hours ahead are produced, and the performance of the models and estimation methods is discussed. The case study confirms that, by exploiting the long-range dependence property, cyber-attacks can be forecast (at least in terms of attack rate) with good accuracy. This forecasting capability would give defenders sufficient early warning to adjust their defense configurations or resource allocations.
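The abstract describes a forecasting loop: check the attack-count series for persistence, fit a time series model, issue point forecasts hours ahead, and use them to adjust defenses before the load arrives. The following is an added example, not the authors' code: it stands in a plain AR(1) model fitted by ordinary least squares for the paper's GARMA(1, 1; 1, δ), so that it runs on the standard library alone. The hourly attack counts are constructed (not real data), and the function names, the 60 attacks/hour capacity threshold and the 6-hour horizon are assumptions for illustration.

```python
"""Toy attack-rate forecaster (added example; uses AR(1), not the paper's GARMA)."""
import math
import random
from typing import Dict, List, Optional, Tuple


def acf(series: List[float], lag: int) -> float:
    """Sample autocorrelation at `lag`. A slowly decaying ACF is the usual
    first hint of the long-range dependence the paper models with GARMA."""
    n = len(series)
    mean = sum(series) / n
    var = sum((x - mean) ** 2 for x in series)
    cov = sum((series[t] - mean) * (series[t - lag] - mean) for t in range(lag, n))
    return cov / var


def fit_ar1(series: List[float]) -> Tuple[float, float]:
    """OLS fit of x_t = c + phi * x_{t-1}. Returns (c, phi)."""
    prev, cur = series[:-1], series[1:]
    m_prev = sum(prev) / len(prev)
    m_cur = sum(cur) / len(cur)
    sxx = sum((p - m_prev) ** 2 for p in prev)
    sxy = sum((p - m_prev) * (q - m_cur) for p, q in zip(prev, cur))
    phi = sxy / sxx
    c = m_cur - phi * m_prev
    return c, phi


def forecast(series: List[float], c: float, phi: float, horizon: int) -> List[float]:
    """Recursive point forecasts for 1..horizon steps ahead of the last observation."""
    out, last = [], series[-1]
    for _ in range(horizon):
        last = c + phi * last
        out.append(last)
    return out


def hours_to_breach(forecasts: List[float], threshold: float) -> Optional[int]:
    """First forecast hour (1-based) whose predicted rate exceeds the capacity
    threshold, i.e. how much early warning the defender gets; None if never."""
    for h, value in enumerate(forecasts, start=1):
        if value > threshold:
            return h
    return None


def constructed_attack_counts(n: int = 720, seed: int = 7) -> List[float]:
    """Constructed hourly attack counts (NOT real data, assumption for the demo):
    a baseline of 40 attacks/hour, a 24-hour diurnal cycle and a persistent
    AR(1) disturbance with phi = 0.85, clipped at zero."""
    rng = random.Random(seed)
    counts, level = [], 0.0
    for t in range(n):
        level = 0.85 * level + rng.gauss(0.0, 6.0)
        diurnal = 10.0 * math.sin(2.0 * math.pi * t / 24.0)
        counts.append(max(0.0, 40.0 + diurnal + level))
    return counts


def run_demo(horizon: int = 6, threshold: float = 60.0) -> Dict[str, object]:
    """Hold out the last `horizon` hours, fit on the rest, forecast, and score."""
    data = constructed_attack_counts()
    train, test = data[:-horizon], data[-horizon:]
    c, phi = fit_ar1(train)
    fc = forecast(train, c, phi, horizon)
    mae = sum(abs(f - a) for f, a in zip(fc, test)) / horizon
    return {
        "phi": phi,
        "acf": [acf(train, k) for k in (1, 6, 12, 24)],  # persistence check
        "forecast": fc,
        "mae": mae,  # mean absolute error on the held-out hours
        "breach_hour": hours_to_breach(fc, threshold),
    }


if __name__ == "__main__":
    result = run_demo()
    print(f"phi={result['phi']:.3f}  acf(1,6,12,24)={[round(a, 2) for a in result['acf']]}")
    print(f"forecast={[round(f, 1) for f in result['forecast']]}  MAE={result['mae']:.2f}")
    print(f"first hour above capacity: {result['breach_hour']}")
```

An AR(1) forecast decays geometrically back to the mean, so it can only warn of surges that are already under way; the long-memory term in GARMA(1, 1; 1, δ) is what lets the paper's model carry information across many hours. The point of the example is the workflow around the model: the ACF check before choosing a model class, held-out scoring rather than in-sample fit, and translating the forecast into a lead time against a capacity threshold that the defender can actually act on.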
