The rapid and widespread advancement of cyber-threats within the past few years has had a profound impact on virtually everyone, from ordinary people to governments and local organizations. As a result, cyber security is now considered a global challenge, and new software and hardware intrusion detection algorithms are being developed that increasingly require innovative, human-cognition-based approaches to detect and prevent the malicious activities of adversaries. Although state-of-the-art learning algorithms have been employed to find concealed attack patterns embedded within normal internet packet flows and endpoint data, they still rely heavily on known signatures or known behaviors, which are unavailable for an unknown threat. Furthermore, to evade detection, new complex cyber-attacks have resorted to mimicking the single-scale features of normal internet flows and to producing overlapping features in an algorithm's classification feature space. Consequently, extracting actionable information from a real-world data set for reliable classification of cyber-threats requires a deeper analysis than conventional single-scale analysis tools afford. Chaos theory, fractals, and wavelets are important mathematical tools that can be used to perform multiscale analysis of a data set, extract deeply hidden irregularities, and thus detect anomalies. These techniques use the properties of scale and complexity of an object to reveal finer details that coarser single-scale analysis cannot uncover. Moreover, these methods aim to emulate human cognition in decision making and reasoning, and are therefore also known as cognitive computing and computationally intelligent tools. This chapter elaborates on the significance of incorporating multiscale analysis and cognitive computing concepts into current anomaly detection mechanisms. In particular, the inseparability and class overlap of the cyber feature space are illustrated to emphasize the critical importance of multiscale analysis in the cyber security domain. There is vast research potential in this domain, as highlighted by the relevant examples and references in this chapter.
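The point about overlapping single-scale features can be made concrete with an added illustration that is not taken from the chapter: two constructed series hold exactly the same values, so their mean, variance and histogram are identical, yet a multiscale measure separates them. The estimator used here (variance of increments across dyadic lags, giving D = 2 - H) is an assumption chosen for the sketch, and the series, function names and seed are constructed.

```python
import math
import random
import statistics


def increment_variance(series, lag):
    """Variance of the increments x[i+lag] - x[i] at one time scale."""
    diffs = [series[i + lag] - series[i] for i in range(len(series) - lag)]
    return statistics.pvariance(diffs)


def variance_fractal_dimension(series, lags=(1, 2, 4, 8, 16, 32)):
    """Estimate D = 2 - H, assuming Var[x(t+lag) - x(t)] ~ lag**(2H).

    H is half the least-squares slope of log(variance) against log(lag).
    """
    xs = [math.log(lag) for lag in lags]
    ys = [math.log(increment_variance(series, lag)) for lag in lags]
    mx, my = statistics.fmean(xs), statistics.fmean(ys)
    num = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    den = sum((x - mx) ** 2 for x in xs)
    return 2.0 - (num / den) / 2.0


def build_constructed_series(n=4096, seed=7):
    """Constructed data: a correlated series and a shuffled copy of it."""
    rng = random.Random(seed)
    level, correlated = 0.0, []
    for _ in range(n):
        level += rng.gauss(0.0, 1.0)   # each sample depends on the last
        correlated.append(level)
    shuffled = correlated[:]
    rng.shuffle(shuffled)              # same values, temporal structure gone
    return correlated, shuffled


def compare():
    a, b = build_constructed_series()
    return {
        "same_values": sorted(a) == sorted(b),
        "mean_gap": abs(statistics.fmean(a) - statistics.fmean(b)),
        "var_gap": abs(statistics.pvariance(a) - statistics.pvariance(b)),
        "d_correlated": variance_fractal_dimension(a),
        "d_shuffled": variance_fractal_dimension(b),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```

A classifier fed only the mean and variance sees no difference between the two series; the dimension estimate lands near 1.5 for the correlated series and near 2 for the shuffled one.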
- Cognitive Computing and Multiscale Analysis for Cyber Security
Muhammad Salman Khan
- Chapter 29