All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Exploiting the Outcome of Outlier Detection for Novel Attack Pattern Recognition on Streaming Data

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F49777513%3A23520%2F21%3A43962454" target="_blank" >RIV/49777513:23520/21:43962454 - isvavai.cz</a>

  • Result on the web

    <a href="https://doi.org/10.3390/electronics10172160" target="_blank" >https://doi.org/10.3390/electronics10172160</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.3390/electronics10172160" target="_blank" >10.3390/electronics10172160</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Exploiting the Outcome of Outlier Detection for Novel Attack Pattern Recognition on Streaming Data

  • Original language description

    A framework called Streaming Outlier Analysis and Attack Pattern Recognition, denoted as SOAAPR, is being introduced that, in contrast to the state-of-the-art, is able to process the output of various online unsupervised outlier detection methods in a streaming fashion to extract information about novel attack patterns. Three different privacy-preserving, fingerprint-like signatures are computed from the clustered set of correlated alerts by SOAAPR, which characterize and represent the potential attack scenarios with respect to their communication relations, their manifestation in the data’s features and their temporal behavior. The evaluation on two popular data sets shows that SOAAPR can compete with an offline competitor in terms of alert correlation and outperforms it significantly in terms of processing time. Moreover, in most cases all three types of signatures seem to reliably characterize attack scenarios to the effect that similar ones are grouped together.

  • Czech name

  • Czech description

Classification

  • Type

    J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    <a href="/en/project/LO1506" target="_blank" >LO1506: Sustainability support of the centre NTIS - New Technologies for the Information Society</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Others

  • Publication year

    2021

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Name of the periodical

    Electronics

  • ISSN

    2079-9292

  • e-ISSN

  • Volume of the periodical

    10

  • Issue of the periodical within the volume

    17

  • Country of publishing house

    CH - SWITZERLAND

  • Number of pages

    42

  • Pages from-to

    1-42

  • UT code for WoS article

    000694149100001

  • EID of the result in the Scopus database

    2-s2.0-85114342418

Similar results(10)

Unsupervised Feature Selection for Outlier Detection on Streaming Data to Enhance Network SecurityPredictive Cyber Situational Awareness and Personalized Blacklisting: A Sequential Rule Mining ApproachPredictions of Network Attacks in Collaborative Environment