Abstract Details

Activity Number: 141 - Statistical Analysis of Cyber-Security Data
Type: Invited
Date/Time: Monday, July 31, 2017 : 10:30 AM to 12:20 PM
Sponsor: Royal Statistical Society
Abstract #321948
Title: Adaptive Threshold Selection for Trust-Based Intrusion Detection Systems
Author(s): Younghun Chae and Natallia V Katenka* and Lisa DiPippo
Companies: University of Rhode Island and University of Rhode Island and University of Rhode Island
Keywords: anomaly detection ; outliers ; trust management ; adaptive threshold ; bipartite graph ; heavy-tailed distribution
Abstract:

Data analysis of complex behaviors, intrusion attacks and system failures inherent in IT systems has become one of the key strategies for ensuring the security of cyber assets. Data-driven anomaly detection methods can offer an appealing alternative to existing signature-based intrusion detection systems by capturing previously unseen attacks. In this project, we try to develop efficient rules that distinguish between normal and abnormal behavior in a given period and over time, and that can also adapt to relational and dynamic changes in the cyber environment. Specifically, we represent the network flow data as a bipartite graph and then adopt an outlier detection approach for heavy-tailed distributions to develop an adaptive threshold method for node behavior characterization. Further, we introduce a trust management scheme for aggregation of node behaviors over time and evaluation of overall node 'trustworthiness' over a full time period. Using the data collected by the European ISP and the University of Rhode Island, we demonstrate the superior performance and real-time applicability of the proposed adaptive threshold selection method for trust-based detection systems.


Authors who are presenting talks have a * after their name.

Back to the full JSM 2017 program

 
 
Copyright © American Statistical Association