Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system
Almost all the organisations and even individuals rely on complex structures of
data networks and networked computer systems. That complex data ensemble,
the cyber domain, provides great opportunities, but at the same time it offers
many possible attack vectors that can be abused for cyber vandalism, cyber crime,
cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation concentrates on research and development of anomaly-based network
intrusion detection system as a sensor for a situational awareness system. In this
dissertation, several models of intrusion detection systems are developed using
clustering-based data-mining algorithms for creating a model of normal user behaviour and finding similarities and dissimilarities compared to that model. That
information can be used as a sensor feed in a situational awareness system in cyber security. A model of cyber security situational awareness system with multisensor fusion capability is presented in this thesis. Also a model for exchanging
the information of cyber security situational awareness is generated. The constructed intrusion detection system schemes are tested with different scenarios
even in online mode with real user data.
...
Julkaisija
University of JyväskyläISBN
978-951-39-6832-8ISSN Hae Julkaisufoorumista
1456-5390Asiasanat
Metadata
Näytä kaikki kuvailutiedotKokoelmat
- Väitöskirjat [3599]
Lisenssi
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
Intrusion detection applications using knowledge discovery and data mining
Juvonen, Antti (University of Jyväskylä, 2014) -
Unsupervised network intrusion detection systems for zero-day fast-spreading network attacks and botnets
Vahdani Amoli, Payam (University of Jyväskylä, 2015)Today, the occurrence of zero-day and complex attacks in high-speed networks is increasingly common due to the high number vulnerabilities in the cyber world. As a result, intrusions become more sophisticated and fast ... -
UInDeSI4.0 : An efficient Unsupervised Intrusion Detection System for network traffic flow in Industry 4.0 ecosystem
Shukla, Amit, K.; Srivastav, Shubham; Kumar, Sandeep; Muhuri, Pranab, K. (Elsevier BV, 2023)In an Industry 4.0 ecosystem, all the essential components are digitally interconnected, and automation is integrated for higher productivity. However, it invites the risk of increasing cyber-attacks amid the current cyber ... -
Adaptive framework for network traffic classification using dimensionality reduction and clustering
Juvonen, Antti; Sipola, Tuomo (IEEE, 2012)Information security has become a very important topic especially during the last years. Web services are becoming more complex and dynamic. This offers new possibilities for attackers to exploit vulnerabilities by inputting ... -
On data mining applications in mobile networking and network security
Zolotukhin, Mikhail (University of Jyväskylä, 2014)
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.