Aug 01

New statistical model examines massive amounts of data to automatically spot anomalies

From: American Statistical Association via Science Daily

With the number of security breaches and cyber-attacks on the rise, cyber-security experts may soon have a new tool in the fight against online threats. Scientists have developed a new statistical method for monitoring networks to automatically detect ‘strange behavior’ and ultimately prevent intrusion.

With the number of security breaches and cyber-attacks on the rise, and with reports of their financial burden varying from $400 billion a year to $2.1 trillion by 2019, cyber-security experts may soon have a new tool in the fight against online threats. Patrick Rubin-Delanchy, Heilbronn Research Fellow in Statistics at the University of Oxford, will present a new statistical method for monitoring networks to automatically detect “strange behavior” and ultimately prevent intrusion on Monday, July 31, at the 2017 Joint Statistical Meetings (JSM).

Data arising in cyber-security applications often have a network structure. A tool that monitors networks has access to massive amounts of data from which “normal” behavior can be observed. “Since data on intrusions is lacking,” notes Rubin-Delanchy, “accurate statistical modeling of connectivity behavior has important implications, particularly for network intrusion detection.”

Rubin-Delanchy — in collaboration with Nick Heard, reader in statistics at Imperial College London, and Carey Priebe, professor of statistics at The Johns Hopkins University — has developed a “linear algebraic” approach to network anomaly detection, in which nodes are embedded in a finite dimensional latent space, where common statistical, signal-processing and machine-learning methodologies are then available. They illustrate results from their methodology on network flow data collected at Los Alamos National Laboratory.

In contrast with traditional cyber-security approaches like anti-virus software, the new methodology is not based on hand-engineered signatures but on machine learning, in which programs can access and use the data and learn for themselves. “Our anticipation is that this model will provide a more robust approach to cyber-security in the future.”

 
