A Collaborative Approach to Situational Awareness for CyberSecurity

Mary Mathews; Paul Halvorsen; Anupam Joshi; Tim Finin

8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing

Research Article

A Collaborative Approach to Situational Awareness for CyberSecurity

Download273 downloads

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.4108/icst.collaboratecom.2012.250794,
    author={Mary Mathews and Paul Halvorsen and Anupam Joshi and Tim Finin},
    title={A Collaborative Approach to Situational Awareness for CyberSecurity},
    proceedings={8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing},
    publisher={IEEE},
    proceedings_a={COLLABORATECOM},
    year={2012},
    month={12},
    keywords={cybersecurity intrusion detection situational awareness information extraction},
    doi={10.4108/icst.collaboratecom.2012.250794}
}

Mary Mathews
Paul Halvorsen
Anupam Joshi
Tim Finin
Year: 2012
A Collaborative Approach to Situational Awareness for CyberSecurity
COLLABORATECOM
ICST
DOI: 10.4108/icst.collaboratecom.2012.250794

Mary Mathews^,*, Paul Halvorsen¹, Anupam Joshi¹, Tim Finin¹

1: UMBC

*Contact email: math1@umbc.edu

Abstract

Traditional intrusion detection and prevention systems have well known limitations that decrease their utility against many kinds of attacks. Creating a new system that collaboratively combines information from traditional and nontraditional sensors to produce new, relevant signatures is one way to deal with these limitations. In this paper, we present a framework that uses this collaborative approach, as well as the details for a network traffic based classifier that shows promise for detecting malicious traffic.

Keywords: cybersecurity intrusion detection situational awareness information extraction

Published: 2012-12-14
Publisher: IEEE

: http://dx.doi.org/10.4108/icst.collaboratecom.2012.250794