TY - GEN
T1 - Autonomic and integrated management for proactive cyber security (AIM-PSC)
AU - De La Peña Montero, Fabian
AU - Hariri, Salim
N1 - Publisher Copyright:
© 2017 Copyright is held by the owner/author(s).
PY - 2017/12/5
Y1 - 2017/12/5
N2 - The complexity, multiplicity, and impact of cyber-attacks have been increasing at an alarming rate despite the significant research and development investment in cyber security products and tools. The current techniques to detect and protect cyber infrastructures from these smart and sophisticated attacks are mainly characterized as being ad hoc, manual intensive, and too slow. We present in this paper AIM-PSC that is developed jointly by researchers at AVIRTEK and The University of Arizona Center for Cloud and Autonomic Computing that is inspired by biological systems, which can efficiently handle complexity, dynamism and uncertainty. In AIM-PSC system, an online monitoring and multi-level analysis are used to analyze the anomalous behaviors of networks, software systems and applications. By combining the results of different types of analysis using a statistical decision fusion approach we can accurately detect any types of cyber-attacks with high detection and low false alarm rates and proactively respond with corrective actions to mitigate their impacts and stop their propagation.
AB - The complexity, multiplicity, and impact of cyber-attacks have been increasing at an alarming rate despite the significant research and development investment in cyber security products and tools. The current techniques to detect and protect cyber infrastructures from these smart and sophisticated attacks are mainly characterized as being ad hoc, manual intensive, and too slow. We present in this paper AIM-PSC that is developed jointly by researchers at AVIRTEK and The University of Arizona Center for Cloud and Autonomic Computing that is inspired by biological systems, which can efficiently handle complexity, dynamism and uncertainty. In AIM-PSC system, an online monitoring and multi-level analysis are used to analyze the anomalous behaviors of networks, software systems and applications. By combining the results of different types of analysis using a statistical decision fusion approach we can accurately detect any types of cyber-attacks with high detection and low false alarm rates and proactively respond with corrective actions to mitigate their impacts and stop their propagation.
KW - Automation
KW - Behavior Analysis
KW - Cyber Security
KW - Data Analytics
KW - Information Technology
KW - Machine Learning
KW - Network Security
UR - http://www.scopus.com/inward/record.url?scp=85058324147&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85058324147&partnerID=8YFLogxK
U2 - 10.1145/3147234.3148137
DO - 10.1145/3147234.3148137
M3 - Conference contribution
AN - SCOPUS:85058324147
T3 - UCC 2017 Companion - Companion Proceedings of the 10th International Conference on Utility and Cloud Computing
SP - 107
EP - 112
BT - UCC 2017 Companion - Companion Proceedings of the 10th International Conference on Utility and Cloud Computing
PB - Association for Computing Machinery, Inc
T2 - 10th IEEE/ACM International Conference on Utility and Cloud Computing, UCC 2017
Y2 - 5 December 2017 through 8 December 2017
ER -