US Army Identifies How To Improve Cybersecurity

Uploaded on 2019-06-04 in GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Developments

Cybersecurity is now one of the US nation's top security concerns as millions of people were affected by breaches around the world. Working on an idea that malevolent network activity would reveal its criminal purpose early,  US Army researchers have developed a tool that would stop transmitting traffic after a given number of messages had be transmitted.

The resulting compressed network traffic was analysed and compared to the analysis performed on the original network traffic.

This research was done at the US Army Combat Capabilities Development Command's Army Research Laboratory, and Towson University and they potentially identified new ways to improve network security.

Many cybersecurity systems use distributed network intrusion detection. This allows a small number of highly trained analysts to monitor several networks at the same time. The process reduces cost through economies of scale and more efficiently controls the limited cybersecurity expertise. 

However, the researchers realised that this approach requires data to be transmitted from network intrusion detection sensors on the defended network to central analysis severs. Transmitting all of the data captured by sensors requires too much bandwidth, researchers realised.

Because of this, most distributed network intrusion detection systems only send alerts, or summaries of activities, back to the security analyst. With only these summaries, cyber-attacks can go undetected because the analyst did not have enough information to understand the network activity, or, alternatively, time may be wasted chasing down false positives.

As suspected, researchers found cyber-attacks often do do the the most damage early in the transmission process. But when the team identified malicious activity later in the transmission process, it was usually not the first occurrence of malicious activity in that network flow.

"This strategy should be effective in reducing the amount of network traffic sent from the sensor to central analyst system," said Sidney Smith, an ARL researcher and the study's lead author.

"Ultimately, this strategy could be used to increase the reliability and security of Army networks."

For the next phase, researchers want to integrate this technique with network classification and lossless compression techniques to reduce the amount of traffic that needs to be transmitted to the central analysis systems to less than 10% of the original traffic volume while losing no more than 1% of cyber security alerts.

"The future of intrusion detection is in machine learning and other artificial intelligence techniques," Smith said.

"However, many of these techniques are too resource intensive to run on the remote sensors, and all of them require large amounts of data. A cybersecurity system incorporating our research

EurekaAlert:         FCW:       USArmyDevCom:

You Might Also Read:



 

« WannaCry Hero Deserves a Pardon, Not A Conviction
A Predictive Tool For Armed Police »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Mantix4

Mantix4

Mantix4’s M4 Cyber Threat Hunting Platform actively defends against cyber threats.

KIOS Center of Excellence (KIOS CoE)

KIOS Center of Excellence (KIOS CoE)

KIOS carries out top level research in the area of Information and Communication Technologies (ICT) with emphasis on the Monitoring, Control and Security of Critical Infrastructures.

ThreatAware

ThreatAware

Total visibility of your business cybersecurity. Monitoring, management and compliance for your cybersecurity tools, people and processes from one easy to use dashboard.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

CryptoCurrency Certification Consortium (C4)

CryptoCurrency Certification Consortium (C4)

The CryptoCurrency Certification Consortium is a non-profit organization that provides certifications to professionals who perform cryptocurrency-related services.

HUB Security

HUB Security

Hub Security provide Ultra Secure, Military Grade HSM (Hardware Security Module) Solutions for Blockchain and Digital Assets.

Jump Capital

Jump Capital

Jump provides series A and B capital to data-driven tech companies within the FinTech, IT & Data Infrastructure, B2B SaaS and Media sectors.

Omnipotech

Omnipotech

Omnipotech is a complete managed service provider. From desktop to datacenter, all the technology support you need, under one umbrella.

IT Band Systems

IT Band Systems

IT Band Systems is an international provider of IT products and services including web server monitoring and web security consulting.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries is America’s largest military shipbuilding company and a provider of professional services to partners in government and industry.

Dataships

Dataships

We help companies automate their privacy compliance while building healthy, transparent data relationships with their customers.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

Resourcive

Resourcive

Resourcive is the first Value Added Sourcing “VAS” consultancy. We deliver strategic IT sourcing solutions to mid-market and enterprise clients.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.