NERD: Neural Network for Edict of Risky Data Streams

by Sandro Passarelli, et al.

Cyber incidents can have a wide range of causes, from a simple connection loss to an insistent attack. Once potential cyber security incidents and system failures have been identified, deciding how to proceed is often complex, especially if the real cause cannot be directly determined in detail. Therefore, we developed the concept of a Cyber Incident Handling Support System. The developed system is enriched with information from multiple sources such as intrusion detection systems and monitoring tools. It uses over twenty key attributes, such as the sync-package ratio, to identify potential security incidents and to classify the data into different priority categories. Afterwards, the system uses artificial intelligence to support the further decision-making process and to generate corresponding reports to brief the Board of Directors. Based on this information, appropriate and detailed suggestions are made regarding the causes and troubleshooting measures. Feedback from users regarding the problem solutions is included in future decision-making by using labelled flow data as input for the learning process. The prototype shows that decision-making can be sustainably improved and that the Cyber Incident Handling process becomes much more effective.


