IDEAS home Printed from https://ideas.repec.org/a/spr/infosf/v8y2006i3d10.1007_s10796-006-8731-y.html
   My bibliography  Save this article

An attack-norm separation approach for detecting cyber attacks

Author

Listed:
  • Nong Ye

    (Arizona State University)

  • Toni Farley

    (Arizona State University)

  • Deepak Lakshminarasimhan

    (Arizona State University)

Abstract

The two existing approaches to detecting cyber attacks on computers and networks, signature recognition and anomaly detection, have shortcomings related to the accuracy and efficiency of detection. This paper describes a new approach to cyber attack (intrusion) detection that aims to overcome these shortcomings through several innovations. We call our approach attack-norm separation. The attack-norm separation approach engages in the scientific discovery of data, features and characteristics for cyber signal (attack data) and noise (normal data). We use attack profiling and analytical discovery techniques to generalize the data, features and characteristics that exist in cyber attack and norm data. We also leverage well-established signal detection models in the physical space (e.g., radar signal detection), and verify them in the cyberspace. With this foundation of information, we build attack-norm separation models that incorporate both attack and norm characteristics. This enables us to take the least amount of relevant data necessary to achieve detection accuracy and efficiency. The attack-norm separation approach considers not only activity data, but also state and performance data along the cause-effect chains of cyber attacks on computers and networks. This enables us to achieve some detection adequacy lacking in existing intrusion detection systems.

Suggested Citation

  • Nong Ye & Toni Farley & Deepak Lakshminarasimhan, 2006. "An attack-norm separation approach for detecting cyber attacks," Information Systems Frontiers, Springer, vol. 8(3), pages 163-177, July.
    • Handle: RePEc:spr:infosf:v:8:y:2006:i:3:d:10.1007_s10796-006-8731-y
    DOI: 10.1007/s10796-006-8731-y
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10796-006-8731-y
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.
    File URL: https://libkey.io/10.1007/s10796-006-8731-y?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Jae Kyu Lee & Younghoon Chang & Hun Yeong Kwon & Beopyeon Kim, 2020. "Reconciliation of Privacy with Preventive Cybersecurity: The Bright Internet Approach," Information Systems Frontiers, Springer, vol. 22(1), pages 45-57, February.
    2. Chulhwan Chris Bang, 2015. "Information systems frontiers: Keyword analysis and classification," Information Systems Frontiers, Springer, vol. 17(1), pages 217-237, February.
    3. Ashish Kumar & Monika Saini & Dinesh Kumar Saini & Nikhilesh Badiwal, 2021. "Cyber physical systems-reliability modelling: critical perspective and its impact," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 12(6), pages 1334-1347, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:infosf:v:8:y:2006:i:3:d:10.1007_s10796-006-8731-y. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.