Beyond data: Contextual information fusion for cyber security analytics

Ahmed Al Eroud, George Karabatis

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Scopus citations

Abstract

A major challenge of the existing attack detection approaches is the identification of relevant information to a particular situation, and the use of such information to perform multi-evidence intrusion detection. Addressing such a limitation requires integrating several aspects of context to better predict, avoid and respond to impending attacks. The quality and adequacy of contextual information is important to decrease uncertainty and correctly identify potential cyber-attacks. In this paper, a systematic methodology has been used to identify contextual dimensions that improve the effectiveness of detecting cyber-attacks. This methodology combines graph, probability, and information theories to create several context-based attack prediction models that analyze data at a high- and low-level. An extensive validation of our approach has been performed using a prototype system and several benchmark intrusion detection datasets yielding very promising results.

Original language: English (US)
Title of host publication: 2016 Symposium on Applied Computing, SAC 2016
Publisher: Association for Computing Machinery
Pages: 73-79
Number of pages: 7
ISBN (Electronic): 9781450337397
State: Published - Apr 4 2016
Externally published: Yes
Event: 31st Annual ACM Symposium on Applied Computing, SAC 2016 - Pisa, Italy
Duration: Apr 4 2016 to Apr 8 2016

Publication series

Name: Proceedings of the ACM Symposium on Applied Computing
Volume: 04-08-April-2016

Conference

Conference: 31st Annual ACM Symposium on Applied Computing, SAC 2016
Country/Territory: Italy
City: Pisa
Period: 4/4/16 to 4/8/16

Keywords

  • Context
  • Information fusion
  • Intrusion detection
  • Security

ASJC Scopus subject areas

  • Software
