Search GSSD

Comprehensive Security Framework for Global Threats Analysis

Abstract: 
Information modeling and behavioral analysis are new solutions to cyber criminality activities within the information society. Presents a framework detailing steps for monitoring an information society. Experiment results show that modeling reduces cyber criminal events by 91%, showing that the User Behavioral Analysis is an effective way of detecting more than 80% of legitimate attack scenarios. The analysis server component is hierarchical and its distributive agents share two functionalities: a collector function to gather information on monitored components and a homogenization function that standardizes collected information. Event modeling considers action theory and event semantics (intention, movement, target, and gain). The attacker strategy considers following functions: recon, authentication, authorization, system intention, activity, config, attack, malware, suspicious, vulnerability, and information. Behavioral analysis approach considers model method selection, anomaly detection, event selection, and anomaly evaluation.
Author: 
Jacques Saraydaryan, Fatiha Benali, Stephane Ubeda, Veronique Legrand
Institution: 
International Journal of Computer Science Issues (IJCSI)
Year: 
2009
Input By: 
Jessica Choi
Affiliation: 
MIT
Region(s): 
Industry Focus: 
Information & Telecommunication
Internet & Cyberspace
Datatype(s): 
Bibliographies & Reports
Models