Early Staged Cyber Incidents Detection in Critical Infrastructures

Authors

  • A. Anskaitis
  • T. Baksys
  • N. Blazys
  • R. Rainys, Kazimieras Simonavicius University

Keywords:

security, cyber-attack, incident detection, traffic anomaly

Abstract

The aim of the research is to create an early detection model for cyber incidents based on network traffic and OS-based system analysis. The developed cyber-attack detection model is based on anomaly measurements. Using 11 selected parameters and measurement software for real-time data traffic analysis, anomalies in traffic were observed during a cyber-attack simulation process. For the OS-based system, a similar approach was used with 4 selected parameters and a neural network classification method. This measurement solution detects anomalies in the parameter sets and indicates cyber incidents.

Author Biography

R. Rainys, Kazimieras Simonavicius University

Born on 24/06/1976. Defended Ph.D. in 2011 in the area of Technology Sciences at Vilnius Gedimino Technical University (VGTU), Lithuania. Assoc. Prof. at Kazimieras Simonavicius University.

Published

2016-10-16

How to Cite

Anskaitis, A., Baksys, T., Blazys, N., & Rainys, R. (2016). Early Staged Cyber Incidents Detection in Critical Infrastructures. Asian Journal of Computer and Information Systems, 4(5). Retrieved from https://ajouronline.com/index.php/AJCIS/article/view/4015