Protecting Against Cyber Threats in Networked Information Systems

L. Ertoz, A. Lazarevic, E. Eilertson, Pang Ning Tan, Paul Dokas, V. Kumar, Jaideep Srivastava

Research output: Chapter in Book/Report/Conference proceeding - Conference contribution

9 Citations (Scopus)

Abstract

This paper provides an overview of our efforts in detecting cyber attacks in networked information systems. Traditional signature-based techniques for detecting cyber attacks can only detect previously known intrusions and are useless against novel attacks and emerging threats. Our current research at the University of Minnesota is focused on developing data mining techniques to automatically detect attacks against computer networks and systems. This research is being conducted as part of the MINDS (Minnesota Intrusion Detection System) project at the University of Minnesota. Experimental results on live network traffic at the University of Minnesota show that the new techniques show great promise in detecting novel intrusions. In particular, during the past few months our techniques have been successful in automatically identifying several novel intrusions that could not be detected using state-of-the-art tools such as SNORT.

Original language: English
Title of host publication: Proceedings of SPIE - The International Society for Optical Engineering
Editors: R. Suresh
Pages: 51-56
Number of pages: 6
Volume: 5101
DOIs: https://doi.org/10.1117/12.487410
Publication status: Published - 2003
Externally published: Yes
Event: PROCEEDINGS OF SPIE SPIE - The International Society for Optical Engineering: Battlespace Digitization and Network-Centric Systems III - Orlando, FL, United States
Duration: 23 Apr 2003 to 25 Apr 2003

Other

Other: PROCEEDINGS OF SPIE SPIE - The International Society for Optical Engineering: Battlespace Digitization and Network-Centric Systems III
Country: United States
City: Orlando, FL
Period: 23/4/03 to 25/4/03

Keywords

  • Anomaly / outlier detection
  • Characterization
  • Cyber threat analysis
  • Data mining
  • Learning from rare classes
  • Network intrusion detection

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Condensed Matter Physics

Cite this

Ertoz, L., Lazarevic, A., Eilertson, E., Tan, P. N., Dokas, P., Kumar, V., & Srivastava, J. (2003). Protecting Against Cyber Threats in Networked Information Systems. In R. Suresh (Ed.), Proceedings of SPIE - The International Society for Optical Engineering (Vol. 5101, pp. 51-56) https://doi.org/10.1117/12.487410
