
Statistical Techniques for Assessing Cyberspace Security

  • Conference paper

Part of the book series: Springer Proceedings in Mathematics & Statistics (PROMS, volume 105)

Abstract

This chapter describes statistical approaches to cyber security. Telecommunication and computer network systems form a physical foundation of a cyberspace. Cyberspace is of critical importance to national security and the economy. Because cyber attacks and cybercrime pose a considerable and increasing threat to society, the security of cyber systems must be improved. In intrusion detection, three fundamental methodologies for cyber attack detection are known, namely anomaly detection, signature recognition, and attack norm separation. Based on these methodologies, various statistical approaches for detecting cyber attacks have been developed. However, cyber attacks continue to evolve. Distributed attacks are emerging that hijack and harvest the power of cloud technologies to cause disruption. System-wide approaches are needed to enable early detection of such attacks. We propose a new graph-based modeling framework and derive a network-based statistical method that could help detect compromised structures in a cyberspace. We illustrate our new approach with an example of a small cyberspace.




Corresponding author

Correspondence to Alla R. Kammerdiner.


Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Kammerdiner, A.R. (2014). Statistical Techniques for Assessing Cyberspace Security. In: Vogiatzis, C., Walteros, J., Pardalos, P. (eds) Dynamics of Information Systems. Springer Proceedings in Mathematics & Statistics, vol 105. Springer, Cham. https://doi.org/10.1007/978-3-319-10046-3_9
