A Framework for Threat Detection in Communication Systems

被引：2

作者：

Sisiaridis, Dimitrios ^{[1
]}

Carcillo, Fabrizio ^{[2
]}

Markowitch, Olivier ^{[1
]}

机构：

[1] Univ Libre Bruxelles, Dept Informat, QualSec Grp, Brussels, Belgium

[2] Univ Libre Bruxelles, Dept Informat, Machine Learning Grp, Brussels, Belgium

来源：

20TH PAN-HELLENIC CONFERENCE ON INFORMATICS (PCI 2016) | 2016年

关键词：

threat detection; Big Data; pattern matching; kill chain model; machine learning;

D O I：

10.1145/3003733.3003759

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

We propose a modular framework which deploys state-of-the art techniques in dynamic pattern matching as well as machine learning algorithms for Big Data predictive and behavioural analytics to detect threats and attacks in Managed File Transfer and collaboration platforms. We leverage the use of the kill chain model by looking for indicators of compromise either for long-term attacks as Advanced Persistent Threats, zero-day attacks or DDoS attacks. The proposed engine can act complimentary to existing security services as SIEMs, IDS, IPS and firewalls.

引用

页数：6

共 13 条

[1] [Anonymous], 2011, LEADING ISSUES INFOR
[2] [Anonymous], 2009, NATURAL LANGUAGE PRO, DOI DOI 10.1007/S10579-010-9124-X
[3] Barreno Marco, 2006, P 2006 ACM S INFORM, P16
[4] Challagulla V., 2009, Machine Learning in Cyber Trust: Reliability, Security, Privacy, P279
[5] Eberle W., 2009, MACHINE LEARNING CYB, V2, P73, DOI DOI 10.1007/978-0-387-88735-7_4
[6] ENISA, 2013, TECHNICAL REPORT
[7] Kalyan V, 2016, IEEE INT C BIG DAT S
[8] Machine learning in adversarial environments
Laskov, Pavel
Lippmann, Richard
[J]. MACHINE LEARNING, 2010, 81 (02) : 115 - 119
[9] Mihai-Gabriel I, 2014, INT SYMP COMP INTELL, P319, DOI 10.1109/CINTI.2014.7028696
[10] Shaneck M., 2009, Machine learning in cyber trust, P247, DOI DOI 10.1007/978-0-387-88735-7_10

← 1 2 →