Sciweavers

SDM
2008
SIAM

Gaussian Process Learning for Cyber-Attack Early Warning

14 years 1 months ago
Gaussian Process Learning for Cyber-Attack Early Warning
Network security has been a serious concern for many years. For example, firewalls often record thousands of exploit attempts on a daily basis. Network administrators could benefit from information on potential aggressive attack sources, as such information can help to proactively defend their networks. For this purpose, several large-scale information sharing systems have been established, in which information on cyber attacks targeting each participant network is shared such that a network can be forewarned of attacks observed by others. However, the total number of reported attackers is huge in these systems. Thus, a challenging problem is to identify the attackers that are most relevant to each individual network (i.e., most likely to come to that network in the near future). We present a framework to estimate the relevance of each attacker with respect to each network. In particular, we model each attacker's relevance as a function over the networks. Different attackers have...
Jian Zhang 0004, Phillip A. Porras, Johannes Ullri
Added 30 Oct 2010
Updated 30 Oct 2010
Type Conference
Year 2008
Where SDM
Authors Jian Zhang 0004, Phillip A. Porras, Johannes Ullrich
Comments (0)