US Army Identifies How To Improve Cybersecurity

Cybersecurity is now one of the US's top security concerns, as millions of people have been affected by breaches around the world. Working on the idea that malevolent network activity would reveal its criminal purpose early, US Army researchers have developed a tool that would stop transmitting traffic after a given number of messages had been transmitted.

The resulting compressed network traffic was analysed and compared to the analysis performed on the original network traffic.

The research was carried out at the US Army Combat Capabilities Development Command's Army Research Laboratory and Towson University, where researchers potentially identified new ways to improve network security.

Many cybersecurity systems use distributed network intrusion detection. This allows a small number of highly trained analysts to monitor several networks at the same time. The process reduces cost through economies of scale and makes more efficient use of limited cybersecurity expertise.

However, the researchers realised that this approach requires data to be transmitted from network intrusion detection sensors on the defended network to central analysis servers, and that transmitting all of the data captured by sensors requires too much bandwidth.

Because of this, most distributed network intrusion detection systems only send alerts, or summaries of activities, back to the security analyst. With only these summaries, cyber-attacks can go undetected because the analyst did not have enough information to understand the network activity, or, alternatively, time may be wasted chasing down false positives.

As suspected, researchers found cyber-attacks often do the most damage early in the transmission process. But when the team identified malicious activity later in the transmission process, it was usually not the first occurrence of malicious activity in that network flow.

"This strategy should be effective in reducing the amount of network traffic sent from the sensor to central analyst system," said Sidney Smith, an ARL researcher and the study's lead author.

"Ultimately, this strategy could be used to increase the reliability and security of Army networks."
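The truncation idea described above, as an added sketch that is not the ARL tool or code from the study: a sensor forwards only the first N packets of each flow, and the result is scored for forwarded volume and retained alerts. The packet records, field names, addresses and the per-packet `alert` flag are constructed assumptions.

```python
from collections import defaultdict

def flow_key(pkt):
    """Direction-independent key so both sides of a conversation share one counter."""
    ends = sorted([(pkt["src"], pkt["sport"]), (pkt["dst"], pkt["dport"])])
    return (pkt["proto"], ends[0], ends[1])

def truncate_flows(packets, max_msgs):
    """Yield only the first max_msgs packets of each flow, in arrival order."""
    seen = defaultdict(int)
    for pkt in packets:
        key = flow_key(pkt)
        seen[key] += 1
        if seen[key] <= max_msgs:
            yield pkt

def evaluate(packets, max_msgs):
    """Score a cut-off: share of bytes forwarded, alerts kept, alerting flows still visible."""
    packets = list(packets)
    kept = list(truncate_flows(packets, max_msgs))
    alerts = [p for p in packets if p["alert"]]
    kept_alerts = [p for p in kept if p["alert"]]
    return {
        "byte_ratio": sum(p["size"] for p in kept) / sum(p["size"] for p in packets),
        "alert_ratio": len(kept_alerts) / len(alerts),
        # A late alert in a flow that already alerted early is not a missed flow.
        "flow_ratio": len({flow_key(p) for p in kept_alerts})
                      / len({flow_key(p) for p in alerts}),
    }

def sample_flow(client, server, count, size, alert_at=()):
    """Constructed flow; packets alternate direction, alert_at is 1-based positions."""
    pkts = []
    for i in range(1, count + 1):
        src, dst = (client, server) if i % 2 else (server, client)
        pkts.append({"proto": "tcp", "src": src[0], "sport": src[1],
                     "dst": dst[0], "dport": dst[1],
                     "size": size, "alert": i in alert_at})
    return pkts

# Constructed sample: a benign bulk flow, a flow alerting early and again late,
# and a flow whose first alert comes late (the case truncation can miss).
SAMPLE = (sample_flow(("10.0.0.5", 40000), ("192.0.2.10", 443), 20, 1000)
          + sample_flow(("10.0.0.6", 40001), ("192.0.2.20", 80), 10, 500, alert_at=(2, 8))
          + sample_flow(("10.0.0.7", 40002), ("192.0.2.30", 22), 6, 200, alert_at=(5,)))

if __name__ == "__main__":
    for n in (4, 5):
        print(n, evaluate(SAMPLE, n))
```

Raising the cut-off from 4 to 5 packets in this sample recovers the flow whose first alert arrives late, at the cost of forwarding more bytes.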

For the next phase, researchers want to integrate this technique with network classification and lossless compression techniques to reduce the amount of traffic that needs to be transmitted to the central analysis systems to less than 10% of the original traffic volume while losing no more than 1% of cyber security alerts.

"The future of intrusion detection is in machine learning and other artificial intelligence techniques," Smith said.

"However, many of these techniques are too resource intensive to run on the remote sensors, and all of them require large amounts of data. A cybersecurity system incorporating our research

EurekaAlert:         FCW:       USArmyDevCom:
