Detection and Modeling of Cyber Attacks with Petri Nets

Jasiul, Bartosz; Szpyrka, Marcin; Śliwa, Joanna

doi:10.3390/e16126602

Cited by 42 publications

(16 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Currently Anode is also a component of the anomaly detection and security event data correlation system developed in SECOR project [100]. A final implementation in SECOR has been developed in JAVA WSO2 (http://wso2.com) environment.…”

Section: Methodsmentioning

confidence: 99%

An Entropy-Based Network Anomaly Detection Method

Bereziński

Jasiul

Szpyrka

2015

Entropy

Self Cite

157

View full text Add to dashboard Cite

Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection.The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i) preparation of a concept of original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of original dataset, (iv) evaluation of the method.

show abstract

Section: Methodsmentioning

confidence: 99%

An Entropy-Based Network Anomaly Detection Method

Bereziński

Jasiul

Szpyrka

2015

Entropy

Self Cite

157

View full text Add to dashboard Cite

show abstract

“…[22] considers the possibility of application of MAR splines in ASDCA, enabling building of exact approximation of the behavior of a standard user, or of the attacking side, according to specified parameters. A large number of works is devoted to statistical analysis of the data in ASDCA [15,23], to signature models [24] and theoretical aspects of the use of Markov chains [5,6,24] and the Petri nets [25] for the systems of cyber-attacks recognition.…”

Section: Introductionmentioning

confidence: 99%

Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features

Lakhno

Kazmirchuk

Kovalenko

et al. 2016

EEJET

View full text Add to dashboard Cite

“…Signatures describe illegal patterns in network traffic and require expert knowledge about the given network threat given a priori. Such solutions do not cope with slightly modified or so-called 0-days attacks [6]. Another group of anomaly detection methods is based on entropy analysis [7], [8], [9].…”

Section: Introductionmentioning

confidence: 99%

Extracting of temporal patterns from data for hierarchical classifiers construction

Szpyrka

Szczur

Bazan

et al. 2015

2015 IEEE 2nd International Conference on Cybernetics (CYBCONF)

Self Cite

View full text Add to dashboard Cite

A method of automatic extracting of temporal patterns from learning data for constructing hierarchical behavioral patterns based classifiers is considered in the paper. The presented approach can be used to complete the knowledge provided by experts or to discover the knowledge automatically if no expert knowledge is accessible. Formal description of temporal patterns is provided and an algorithm for automatic patterns extraction and evaluation is described. A system for packet-based network traffic anomaly detection is used to illustrate the considered ideas.

show abstract

Detection and Modeling of Cyber Attacks with Petri Nets

Cited by 42 publications

References 27 publications

An Entropy-Based Network Anomaly Detection Method

An Entropy-Based Network Anomaly Detection Method

Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features

Extracting of temporal patterns from data for hierarchical classifiers construction

Contact Info

Product

Resources

About