Share Email Print
cover

Proceedings Paper

Situational awareness of a coordinated cyber attack
Author(s): Moises Sudit; Adam Stotz; Michael Holender
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

Paper Details

Date Published: 28 March 2005
PDF: 16 pages
Proc. SPIE 5812, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, (28 March 2005); doi: 10.1117/12.606980
Show Author Affiliations
Moises Sudit, SUNY/Buffalo (United States)
Adam Stotz, Calspan-UB Research Ctr., Inc. (United States)
Michael Holender, SUNY/Buffalo (United States)


Published in SPIE Proceedings Vol. 5812:
Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005
Belur V. Dasarathy, Editor(s)

© SPIE. Terms of Use
Back to Top