Monitoring security events using integrated correlation-based techniques

  • Authors: Qishi Wu; Denise Ferebee; Yunyue Lin; Dipankar Dasgupta
  • Affiliations: University of Memphis, Memphis, TN; University of Memphis, Memphis, TN; University of Memphis, Memphis, TN; University of Memphis, Memphis, TN
  • Venue: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
  • Year: 2009

Abstract

We propose an adaptive cyber security monitoring system that integrates a number of component techniques to collect time-series situation information, perform intrusion detection, and characterize and identify security events so that corresponding defense actions can be taken in a timely and effective manner. We employ a decision fusion algorithm with an analytically proven performance guarantee for intrusion detection based on local votes from distributed sensors. The security events in the proposed system are represented as forms of correlation networks using random matrix theory and identified through the computation of network similarity measurement. Extensive simulation results on event identification illustrate the efficacy of the proposed system.