Trusted CI Webinar: Anticipatory Cyber Defense via Predictive Analytics, Machine Learning and Simulation

Yang, Shanchieh

Permalink

https://hdl.handle.net/2142/103052 Copy

Description

Title

Trusted CI Webinar: Anticipatory Cyber Defense via Predictive Analytics, Machine Learning and Simulation

Author(s)

Yang, Shanchieh

Issue Date

2019-02-25

Keyword(s)

• NSF
• Trusted CI
• Webinar
• Machine Learning

Abstract

Cyberattacks on enterprise networks have moved into an era where both attackers and security analysts utilize complex strategies to confuse and mislead one another. Critical attacks often take multitudes of reconnaissance, exploitations, and obfuscation techniques to achieve the goal of cyber espionage and/or sabotage. The discovery and detection of new exploits, though needing continuous efforts, is no longer sufficient. Imagine a system that automatically extracts the ways the attackers use various techniques to penetrate a network and generates empirical models that can be used for in-depth analysis or even predict next attack actions. What if we can simulate synthetic attack scenarios based on characteristics of the network and adversary behaviors? Will publicly available information on the Internet be viable to forecast cyberattacks before they take place? This talk will discuss advances that enable anticipatory cyber defense and open research questions. Specifically, this talk will present a suite of research efforts and prototypes: ASSERT integrates Bayesian-based learn ing with clustering to generate and refine attack models based on observed malicious activities; CASCADES explores how attackers discover vulnerabilities of the systems in the network to simulate potential attack progressions; CAPTURE overcomes limitations of imbalanced, insignificant, and non-stationary data to forecast cyberattacks before they happen using public domain signals. These ongoing research works provide much needed anticipatory capability for proactive cyber defense. This talk will be at a sufficiently high level to describe the needs for anticipatory cyber defense and some capabilities. The intended audience ranges from researchers, practitioners, policy makers, and students who have some high level knowledge about cybersecurity.

Type of Resource

• text
• image

Language

en

Permalink

http://hdl.handle.net/2142/103052

Sponsor(s)/Grant Number(s)

• NSF #1547272
• NSF #1526383
• NSF #1742789
• IARPA #FA875016C0114
• NSA #H98230-15-1-0277

Copyright and License Information

Copyright © 2019 The Trustees of Indiana University. This work is licensed under a Creative Commons Attribution-­NonCommercial 3.0 Unported (CC BY­NC 3.0) license.

Owning Collections