%0 Conference Proceedings
%T Early Warning Systems for Cyber Defence
%+ Queen's University [Belfast] (QUB)
%+ Coventry University
%+ Nanyang Technological University [Singapour]
%A Kalutarage, Harsha
%A Shaikh, Siraj
%A Lee, Bu-Sung
%A Lee, Chonho
%A Kiat, Yeo, Chai
%Z Part 2: Intrusion Detection
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B International Workshop on Open Problems in Network Security (iNetSec)
%C Zurich, Switzerland
%Y Jan Camenisch
%Y Doğan Kesdoğan
%3 Open Problems in Network Security
%V LNCS-9591
%P 29-42
%8 2015-10-29
%D 2015
%R 10.1007/978-3-319-39028-4_3
%K Bayesian inference
%K Cyber defence
%K Cyber warfare
%K Future internet
%K Early warning systems
%Z Computer Science [cs]Conference papers
%X Cybercriminals ramp up their efforts with sophisticated techniques while defenders gradually update their typical security measures. Attackers often have a long-term interest in their targets. Due to a number of factors such as scale, architecture and nonproductive traffic however it makes difficult to detect them using typical intrusion detection techniques. Cyber early warning systems (CEWS) aim at alerting such attempts in their nascent stages using preliminary indicators. Design and implementation of such systems involves numerous research challenges such as generic set of indicators, intelligence gathering, uncertainty reasoning and information fusion. This paper discusses such challenges and presents the reader with compelling motivation. A carefully deployed empirical analysis using a real world attack scenario and a real network traffic capture is also presented.
%G English
%Z TC 11
%Z WG 11.4
%2 https://inria.hal.science/hal-01445791/document
%2 https://inria.hal.science/hal-01445791/file/416270_1_En_3_Chapter.pdf
%L hal-01445791
%U https://inria.hal.science/hal-01445791
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-4
%~ IFIP-LNCS-9591
%~ IFIP-INETSEC