Conference: Cyber Conflict (CYCON), 2012 4th International Conference on

Sensing for suspicion at scale: A Bayesian approach for cyber conflict attribution and reasoning


Abstract

Cyber conflict monitoring remains one of the biggest challenges today, amidst increasing scaling up of cyberspace in terms of size, bandwidth and volume. Added to this, the increased determination of cyber actors to operate beneath the threshold makes it ever more difficult to identify unauthorised activities with desired levels of certainty and demonstrability. We acknowledge a case for persistent and pervasive monitoring; detection of serious sabotage and espionage activities, however, is dependent, in part, upon the ability to maintain traffic history over extended periods of time, somewhat beyond current computational and operational constraints. This makes it crucial for research in cyber monitoring infrastructures, which are configured to handle cyberspace at live and modern scale and sense suspicious activity for further investigation. This paper explores Bayesian methods together with statistical normality to judge for effective activity attribution, particularly in high-volume high-scale environments, by combining both prior and posterior knowledge in the scenario. The set of experiments presented in this paper provides tactical and operational principles for systematic and efficient profiling and attribution of activity. Such principles serve a useful purpose for technologists and policy-makers who want to monitor cyberspace for suspicious and malicious behaviour, and narrow down to likely sources. The proposed approach is domain agnostic and hence of interest to a cross-disciplinary audience interested in technology, policy and legal aspects of cyber defence.