Title: | Preemptive Intrusion Detection |
Author(s): | Cao, Phuong; Dimartino, Catello; Iyer, Ravishankar K.; Kalbarczyk, Zbigniew T. |
Subject(s): | intrusion detection, ranking, preemptive, probation, credential stealing attack |
Abstract: | In recent years, organizations have suffered significant economic and physical damage from sophisticated cyber-attacks. Both industry and academia have been actively improving intrusion detection systems and data mining techniques for defending against intruders. Despite extensive research, these techniques still fall short of preventing attacks in advance. To this end, we present Spot, an end-to-end preemptive intrusion detection system. Spot predicts and blocks potential attacks before they occur. We designed, implemented, and evaluated the viability of Spot against credential stealing attacks, using five years of operational data at the National Center for Supercomputing Applications. In our experiments with 12 attacks, we demonstrate Spot's ability to detect all compromised users and preempt attacks on average 14 hours before they occur. |
Issue Date: | 2013-04-08 |
Genre: | Technical Report |
Type: | Text |
Language: | English |
URI: | http://hdl.handle.net/2142/43367 |
Publication Status: | unpublished |
Peer Reviewed: | not peer reviewed |
Date Available in IDEALS: | 2013-04-08 |