Detection of System Abnormal State by Cyber Attack

Vol. 29, No. 5, pp. 1027-1037, Oct. 2019
10.13089/JKIISC.2019.29.5.1027, Full Text:
Keywords: Cyber Attack, Unknown Attack, Word Embedding, Novelty Detection, Anomaly Detection
Abstract

Conventional cyber-attack detection solutions are generally based on signature-based or malicious behavior analysis so thathave had difficulty in detecting unknown method-based attacks. Since the various information occurring all the time reflectsthe state of the system, by modeling it in a steady state and detecting an abnormal state, an unknown attack can bedetected. Since a variety of system information occurs in a string form, word embedding, ie, techniques for convertingstrings into vectors preserving their order and semantics, can be used for modeling and detection. Novelty Detection, whichis a technique for detecting a small number of abnormal data in a plurality of normal data, can be performed in order todetect an abnormal condition. This paper proposes a method to detect system anomaly by cyber attack using embedding andnovelty detection.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
윤여정 and 정유진, "Detection of System Abnormal State by Cyber Attack," Journal of The Korea Institute of Information Security and Cryptology, vol. 29, no. 5, pp. 1027-1037, 2019. DOI: 10.13089/JKIISC.2019.29.5.1027.

[ACM Style]
윤여정 and 정유진. 2019. Detection of System Abnormal State by Cyber Attack. Journal of The Korea Institute of Information Security and Cryptology, 29, 5, (2019), 1027-1037. DOI: 10.13089/JKIISC.2019.29.5.1027.