CYSAS-S3: A novel dataset for validating cyber situational awareness related tools for supporting military operations

Cited by: 1
Authors
Daton Medenou, Roumen [1, 2]
Calzado Mayo, Victor Manuel [1]
Garcia Balufol, Miriam [1]
Paramo Castrillo, Miguel [1]
Gonzalez Garrido, Francisco Jose [1]
Luis Martinez, Alvaro [1, 3]
Nevado Catalan, David [1, 4]
Hu, Ao [1]
Sandoval Rodriguez-Bermejo, David [1, 4]
Maestre Vidal, Jorge [1]
Pasqual De Riquelme, Gerardo Ramis [1]
Berardi, Antonio [5]
De Santis, Paolo [5]
Torelli, Francesco [5]
Sanchez, Salvador Llopis [6]
Affiliations
[1] Indra, Digital Labs, Madrid, Spain
[2] Univ Int La Rioja UNIR, La Rioja, Spain
[3] Univ Politecn Madrid UPM, Madrid, Spain
[4] Univ Carlos III Madrid UC3M, Madrid, Spain
[5] Leonardo Finmeccan, Rome, Italy
[6] European Def Agcy EDA, Brussels, Belgium
Source
15TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, ARES 2020 | 2020
Keywords
Advanced Persistent Threat; Cyber Defence; Cyber Situational Awareness; Dataset; Network Security
DOI
10.1145/3407023.3409222
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
The lack of suitable datasets and evaluation processes entails one of the most challenging gaps on the digital transformation era, where data-driven solutions like machine learning algorithms constitute a key pillar of the digitalization, virtualization and analytical on the emerging cyber-physical and ergonomic capabilities. This problem is even greater in the cyber defence domain, where for security or technical reasons, there is not data publicly or on-demand available concerning the role of the cyberspace on military operations. In this context, the expression popularized by the machine learning community "you go to the war with the data you have, not the data you might want" can be literally applied. In order to contribute to overcome this gap, this paper introduces CYSAS-S3, a novel dataset designed and created as the result of a research action that explores the principal needs on datasets by cyber commands, resulting in the generation of a collection of samples that correlated the impact of Advanced Persistent Threat (APT) behaviours and each phase of their cyber kill chain, regarding mission-level operations and goals.
Pages: 9