US Army Identifies How To Improve Cybersecurity

Uploaded on 2019-06-04 in GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Developments

Cybersecurity is now one of the US nation's top security concerns as millions of people were affected by breaches around the world. Working on an idea that malevolent network activity would reveal its criminal purpose early,  US Army researchers have developed a tool that would stop transmitting traffic after a given number of messages had be transmitted.

The resulting compressed network traffic was analysed and compared to the analysis performed on the original network traffic.

This research was done at the US Army Combat Capabilities Development Command's Army Research Laboratory, and Towson University and they potentially identified new ways to improve network security.

Many cybersecurity systems use distributed network intrusion detection. This allows a small number of highly trained analysts to monitor several networks at the same time. The process reduces cost through economies of scale and more efficiently controls the limited cybersecurity expertise. 

However, the researchers realised that this approach requires data to be transmitted from network intrusion detection sensors on the defended network to central analysis severs. Transmitting all of the data captured by sensors requires too much bandwidth, researchers realised.

Because of this, most distributed network intrusion detection systems only send alerts, or summaries of activities, back to the security analyst. With only these summaries, cyber-attacks can go undetected because the analyst did not have enough information to understand the network activity, or, alternatively, time may be wasted chasing down false positives.

As suspected, researchers found cyber-attacks often do do the the most damage early in the transmission process. But when the team identified malicious activity later in the transmission process, it was usually not the first occurrence of malicious activity in that network flow.

"This strategy should be effective in reducing the amount of network traffic sent from the sensor to central analyst system," said Sidney Smith, an ARL researcher and the study's lead author.

"Ultimately, this strategy could be used to increase the reliability and security of Army networks."

For the next phase, researchers want to integrate this technique with network classification and lossless compression techniques to reduce the amount of traffic that needs to be transmitted to the central analysis systems to less than 10% of the original traffic volume while losing no more than 1% of cyber security alerts.

"The future of intrusion detection is in machine learning and other artificial intelligence techniques," Smith said.

"However, many of these techniques are too resource intensive to run on the remote sensors, and all of them require large amounts of data. A cybersecurity system incorporating our research

EurekaAlert:         FCW:       USArmyDevCom:

You Might Also Read:



 

« WannaCry Hero Deserves a Pardon, Not A Conviction
A Predictive Tool For Armed Police »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

Verint Systems

Verint Systems

Verint is a leader in CX automation. The world’s most iconic brands rely on our open platform and team of AI-powered bots to create tangible AI business outcomes, now.

Cybertekpro

Cybertekpro

Cybertekpro is a specialist insurance broker providing Cyber Liability insurance and cyber risk assessment services.

Cipher Tooth

Cipher Tooth

CipherTooth is a superior system for delivering secure content over the Internet.

TechVets

TechVets

TechVets is a non-for-profit helping UK veterans and service leavers retrain into Cyber Security and Technology jobs.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

Technology Law Alliance (TLA)

Technology Law Alliance (TLA)

Technology Law Alliance is a specialist IT law firm focussed on the fields of technology, outsourcing and e-commerce.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

Secuvant

Secuvant

Secuvant is an independent IT Security firm providing enterprise-grade IT security services to mid-market organizations.

blueAllianceIT

blueAllianceIT

blueAlliance IT is an investment and growth platform that unites local MSP and IT companies around the nation, helping them to grow and operate competitively.

Capital Network Solutions

Capital Network Solutions

Capital Network Solutions are a highly accredited managed IT services and consultancy provider, specialising in cyber security, infrastructure and communications.

Identity Digital

Identity Digital

Identity Digital simplifies and connects a fragmented online world with domain names and related technologies that allow people and businesses to build, market and own their digital identities.

Cryptr

Cryptr

Cryptr provides plug and play authentication to manage all your authentication strategies in one place with just a few lines of code.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

MIS Solutions

MIS Solutions

MIS Solutions is a managed cloud and IT security partner making technology work for you.