TY - GEN
T1 - Multi-Layer Mapping of Cyberspace for Intrusion Detection
AU - Shao, Sicong
AU - Satam, Pratik
AU - Satam, Shalaka
AU - Al-Awady, Khalid
AU - Ditzler, Gregory
AU - Hariri, Salim
AU - Tunc, Cihan
N1 - Funding Information:
ACKNOWLEDGMENT This work was supported by grants from the Department of Energy #DE-NA0003946, National Science Foundation CAREER #1943552, Army Research Lab W56KGU-20-C-0002, Office of Naval Research N6833518C0416, Air Force Office of Scientific Research (AFOSR) Dynamic Data-Driven Application Systems (DDDAS) award number FA9550-18-1-0427, National Science Foundation (NSF) research projects NSF-1624668 and NSF-1849113, and National Institute of Standards and Technology (NIST) 70NANB18H263.
Funding Information:
This work was supported by grants from the Department of Energy #DE-NA0003946, National Science Foundation CAREER #1943552, Army Research Lab W56KGU-20-C- 0002, Office of Naval Research N6833518C0416, Air Force Office of Scientific Research (AFOSR) Dynamic Data-Driven Application Systems (DDDAS) award number FA9550-18-1- 0427, National Science Foundation (NSF) research projects NSF-1624668 and NSF-1849113, and National Institute of Standards and Technology (NIST) 70NANB18H263.
Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - The ubiquity and vulnerability of computer applications make them ideal places for intrusion attacks that increase in intensity and complexity. Computer applications have a relationship with various networks, physical components, host devices, and users with different roles and requirements. Therefore, securing computer applications in such a complex and dynamic cyberspace is urgent and challenging. This paper attempts to tackle the challenges by proposing a Multi-Layer Abnormal Behaviors Analysis (MLABA) framework for intrusion detection associated with three layers (i.e., system, process, and network layers) in cyberspace for characterizing their normal operations and detect any abnormal behavior that might be triggered by malicious activities. The proposed technique was evaluated on several popular applications (i.e., Firefox, Opera, Chrome, and Ruby). The experimental results demonstrate the feasibility of MLABA framework that can detect the intrusion and abuse for applications.
AB - The ubiquity and vulnerability of computer applications make them ideal places for intrusion attacks that increase in intensity and complexity. Computer applications have a relationship with various networks, physical components, host devices, and users with different roles and requirements. Therefore, securing computer applications in such a complex and dynamic cyberspace is urgent and challenging. This paper attempts to tackle the challenges by proposing a Multi-Layer Abnormal Behaviors Analysis (MLABA) framework for intrusion detection associated with three layers (i.e., system, process, and network layers) in cyberspace for characterizing their normal operations and detect any abnormal behavior that might be triggered by malicious activities. The proposed technique was evaluated on several popular applications (i.e., Firefox, Opera, Chrome, and Ruby). The experimental results demonstrate the feasibility of MLABA framework that can detect the intrusion and abuse for applications.
UR - http://www.scopus.com/inward/record.url?scp=85125637255&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85125637255&partnerID=8YFLogxK
U2 - 10.1109/AICCSA53542.2021.9686823
DO - 10.1109/AICCSA53542.2021.9686823
M3 - Conference contribution
AN - SCOPUS:85125637255
T3 - Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA
BT - 2021 IEEE/ACS 18th International Conference on Computer Systems and Applications, AICCSA 2021 - Proceedings
PB - IEEE Computer Society
T2 - 18th IEEE/ACS International Conference on Computer Systems and Applications, AICCSA 2021
Y2 - 30 November 2021 through 3 December 2021
ER -