Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks. (October 2015)
- Record Type:
- Journal Article
- Title:
- Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks. (October 2015)
- Main Title:
- Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks
- Authors:
- Kalutarage, Harsha K.
Shaikh, Siraj A.
Wickramasinghe, Indika P.
Zhou, Qin
James, Anne E.
- Abstract:
- Graphical abstract:
Highlights:
A scalable monitoring scheme for stealthy attacks on computer networks is presented.
Bayesian fusion along with traffic sampling is used as a data reduction method.
Stealthy activities can be detected using 10–20% size sampling rates.
A tracing algorithm for anonymous stealthy activities to their sources is presented.
The effect of network parameters on detection is investigated.
Abstract: Stealthy attackers move patiently through computer networks – taking days, weeks or months to accomplish their objectives in order to avoid detection. As networks scale up in size and speed, monitoring for such attack attempts is increasingly a challenge. This paper presents an efficient monitoring technique for stealthy attacks. It investigates the feasibility of proposed method under number of different test cases and examines how design of the network affects the detection. A methodological way for tracing anonymous stealthy activities to their approximate sources is also presented. The Bayesian fusion along with traffic sampling is employed as a data reduction method. The proposed method has the ability to monitor stealthy activities using 10–20% size sampling rates without degrading the quality of detection.
- Is Part Of:
- Computers & electrical engineering. Volume 47(2015)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 47(2015)
- Issue Display:
- Volume 47, Issue 2015 (2015)
- Year:
- 2015
- Volume:
- 47
- Issue:
- 2015
- Issue Sort Value:
- 2015-0047-2015-0000
- Page Start:
- 327
- Page End:
- 344
- Publication Date:
- 2015-10
- Subjects:
- Stealthy attacks -- Bayesian fusion -- Network simulation -- Traffic sampling -- Anomaly detection
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854
- Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.compeleceng.2015.07.007
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 1837.xml