An Experiment Using Factor Graph for Early Attack Detection

Title: An Experiment Using Factor Graph for Early Attack Detection
Publication Type: Thesis
Year of Publication: 2015
Authors: Phuong Cao, University of Illinois at Urbana-Champaign
Academic Department: Computer Science
University: University of Illinois at Urbana-Champaign
Thesis Type: Master of Science
Keywords: Data Driven Security Models and Analysis, NSA SoS Lablets Materials, science of security, UIUC
Abstract

This paper presents a factor-graph-based framework (namely AttackTagger)
for high-accuracy and preemptive detection of attacks. We use security logs
on real incidents that occurred over a six-year period at the National
Center for Supercomputing Applications (NCSA) at the University of Illinois at
Urbana-Champaign to evaluate AttackTagger. Our data consist of attacks
that led directly to the target system being compromised, i.e., not detected
in advance, either by the security analysts or by intrusion detection
systems. AttackTagger detected 74 percent of attacks, a vast majority of
which were detected before the system misuse. AttackTagger uncovered six hidden
attacks that were not detected by security analysts.

Citation Key: node-32305
