Prototype Open-Source Software Stack for the Reduction of False Positives and Negatives in the Detection of Cyber Indicators of Compromise and Attack: Hybridized Log Analysis Corre

by stevechan, et al.

A prototypical solution stack (Solution Stack #1) built from chosen Open-Source Software (OSS) components for an experiment was enhanced with hybridized OSS amalgams (e.g., Suricata and Sagan; Kubernetes, Nomad, Cloudify and Helios; MineMeld and Hector) and supplemented by select modified algorithms (e.g., modified N-Input Voting Algorithm [NIVA] modules and a modified Fault Tolerant Averaging Algorithm [FTAA] module) leveraged by ensemble-method machine learning. The preliminary results of the prototype solution stack (Stack #2) indicate a reduction, with regard to cyber Indicators of Compromise (IOC) and Indicators of Attack (IOA), of false positives by approximately 15% and false negatives by approximately 47%.
