Experience-based cyber security analytics (2013)
Abstract
As the demand for computational resources and connectivity increases and contemporary computer network systems become more complex, the management of cyber security is progressively becoming a serious issue. Cyber situation recognition is a challenging problem, particularly when the network size is large. The amount of data produced by existing intrusion detection tools and sensors usually significantly exceeds the cognition throughput of a human analyst. In attempting to align a huge amount of information and the limited human cognitive load, a critical disconnection between human cognition and cyber security tools has been identified. Although the problem of cyber intrusion detection has been studied from several perspectives using various approaches, the key component to bridging the gap between existing tools and human analysts' experiences is missing. A method to capture and leverage cyber security expertise for situation recognition from a high-level viewpoint on the entire network is important, but it is rarely mentioned in the literature. The goal of this research is to address the problem of cyber intrusion recognition from the viewpoint of leveraging cyber experts' experiences and reflections. We developed a systematic approach to capture and utilize experiences and reflections of security analysts to enhance cyber situation awareness. The contributions of the research include: 1) proposing an approach to enable systematic capture of experience and reflection of cyber security analysts; 2) enhancing the recognition of cyber situations using the captured experiences of cyber security analysts; 3) providing a knowledge-based strategy for relaxing the constraints of Horn logic-based experience patterns to enhance their utilization; and 4) demonstrating the benefit of experience-based cyber situation recognition through simulations.
Keywords
Experience-based cyber security analytics, cyber situation, cyber security, cyber situation awareness, cyber security tool, cyber intrusion detection, cyber situation recognition, cyber expert, cyber security analyst, experience-based cyber situation recognition, cyber intrusion recognition