Files in this item

paper.pdf (application/pdf, 568kB), Restricted Access
RAID 2013 draft (PDF)


Title: Preemptive Intrusion Detection
Author(s): Cao, Phuong; Dimartino, Catello; Iyer, Ravishankar K.; Kalbarczyk, Zbigniew T.
Subject(s): intrusion detection, ranking, preemptive, probation, credential stealing attack
Abstract: In recent years, organizations have suffered significant economic and physical damages from sophisticated cyber-attacks. Both industry and academia have been actively improving intrusion detection systems and data mining techniques for defending against intruders. Despite extensive research, these techniques still fall short of preventing attacks in advance. To this end, we present Spot, an end-to-end preemptive intrusion detection system. Spot predicts and blocks potential attacks before they occur. We designed, implemented, and evaluated the viability of Spot against credential stealing attacks, using five years of operational data at the National Center for Supercomputing Applications. In our experiments with 12 attacks, we demonstrate Spot’s ability to detect all compromised users and preempt attacks on average 14 hours before they occur.
Issue Date: 2013-04-08
Genre: Technical Report
Publication Status: unpublished
Peer Reviewed: not peer reviewed
Date Available in IDEALS: 2013-04-08
