Early Warning Systems for Cyber Defence

H. Kalutarage, Siraj Shaikh, B.-S. Lee, C. Lee, Y. C. Kiat

Research output: Chapter in Book/Report/Conference proceeding › Chapter

2 Citations (Scopus)

Abstract

Cybercriminals ramp up their efforts with sophisticated techniques while defenders gradually update their typical security measures. Attackers often have a long-term interest in their targets. Due to a number of factors such as scale, architecture and nonproductive traffic, however, it is difficult to detect them using typical intrusion detection techniques. Cyber early warning systems (CEWS) aim to alert on such attempts in their nascent stages using preliminary indicators. The design and implementation of such systems involves numerous research challenges, such as a generic set of indicators, intelligence gathering, uncertainty reasoning and information fusion. This paper discusses such challenges and presents the reader with compelling motivation. A carefully deployed empirical analysis using a real-world attack scenario and a real network traffic capture is also presented.
Original language: English
Title of host publication: Open Problems in Network Security
Editors: Jan Camenisch, Doğan Kesdoğan
Place of Publication: Switzerland
Publisher: Springer Verlag
Pages: 29-42
Volume: 9591
ISBN (Print): 978-3-319-39027-7, 978-3-319-39028-4
DOIs: https://doi.org/10.1007/978-3-319-39028-4_3
Publication status: Published - 2016
Event: IFIP WG 11.4 International Workshop - Zurich, Switzerland
Duration: 29 Oct 2015 to 29 Oct 2015

Workshop

Workshop: IFIP WG 11.4 International Workshop
Abbreviated title: iNetSec 2015
Country: Switzerland
City: Zurich
Period: 29/10/15 to 29/10/15

Fingerprint

Information fusion
Alarm systems
Uncertainty

Bibliographical note

The full text is not available on the repository.

Keywords

  • Bayesian inference
  • Cyber defence
  • Cyber warfare
  • Future
  • internet
  • Early warning systems

Cite this

Kalutarage, H., Shaikh, S., Lee, B-S., Lee, C., & Kiat, Y. C. (2016). Early Warning Systems for Cyber Defence. In J. Camenisch, & D. Kesdoğan (Eds.), Open Problems in Network Security (Vol. 9591, pp. 29-42). Switzerland: Springer Verlag. https://doi.org/10.1007/978-3-319-39028-4_3

@inbook{970e891b05ba4ea6b1b3479b68281397,
title = "Early Warning Systems for Cyber Defence",
abstract = "Cybercriminals ramp up their efforts with sophisticated techniques while defenders gradually update their typical security measures. Attackers often have a long-term interest in their targets. Due to a number of factors such as scale, architecture and nonproductive traffic however it makes difficult to detect them using typical intrusion detection techniques. Cyber early warning systems (CEWS) aim at alerting such attempts in their nascent stages using preliminary indicators. Design and implementation of such systems involves numerous research challenges such as generic set of indicators, intelligence gathering, uncertainty reasoning and information fusion. This paper discusses such challenges and presents the reader with compelling motivation. A carefully deployed empirical analysis using a real world attack scenario and a real network traffic capture is also presented.",
keywords = "Bayesian inference, Cyber defence, Cyber warfare, Future, internet, Early warning systems",
author = "H. Kalutarage and Siraj Shaikh and B.-S. Lee and C. Lee and Kiat, {Y. C.}",
note = "The full text is not available on the repository.",
year = "2016",
doi = "10.1007/978-3-319-39028-4_3",
language = "English",
isbn = "978-3-319-39027-7",
volume = "9591",
pages = "29--42",
editor = "Jan Camenisch and Doğan Kesdoğan",
booktitle = "Open Problems in Network Security",
publisher = "Springer Verlag",
address = "Austria",

}
