The Next Generation Cognitive Security Operations Center: Network Flow Forensics Using Cybersecurity Intelligence

2018 ◽  
Vol 2 (4) ◽  
pp. 35 ◽  
Author(s):  
Konstantinos Demertzis ◽  
Panayiotis Kikiras ◽  
Nikos Tziritas ◽  
Salvador Sanchez ◽  
Lazaros Iliadis

A Security Operations Center (SOC) can be defined as an organized and highly skilled team that uses advanced computer forensics tools to prevent, detect and respond to cybersecurity incidents of an organization. The fundamental aspects of an effective SOC are related to the ability to examine and analyze the vast number of data flows and to correlate several other types of events from a cybersecurity perspective. The supervision and categorization of network flow is an essential process not only for the scheduling, management, and regulation of the network’s services, but also for attack identification and for the consequent forensic investigations. A serious potential disadvantage of the traditional software solutions used today for computer network monitoring, and specifically for the effective categorization of encrypted or obfuscated network flow, which requires the rebuilding of message packets in sophisticated underlying protocols, is the demand for computational resources. In addition, a further significant shortcoming of these software packages is that they create high false positive rates because they lack accurate predicting mechanisms. For all the reasons above, in most cases, the traditional software fails completely to recognize unidentified vulnerabilities and zero-day exploitations. This paper proposes a novel intelligence-driven Network Flow Forensics Framework (NF3), which makes low use of computing power and resources, for the Next Generation Cognitive Computing SOC (NGC2SOC), which relies solely on advanced fully automated intelligence methods. It is an effective and accurate Ensemble Machine Learning forensics tool for Network Traffic Analysis, Demystification of Malware Traffic and Encrypted Traffic Identification.

2019 ◽  
Vol 3 (1) ◽  
pp. 6 ◽  
Author(s):  
Konstantinos Demertzis ◽  
Nikos Tziritas ◽  
Panayiotis Kikiras ◽  
Salvador Llopis Sanchez ◽  
Lazaros Iliadis

A Security Operations Center (SOC) is a central technical-level unit responsible for monitoring, analyzing, assessing, and defending an organization’s security posture on an ongoing basis. The SOC staff works closely with incident response teams, security analysts, network engineers and organization managers, using sophisticated data processing technologies such as security analytics, threat intelligence, and asset criticality to ensure security issues are detected, analyzed and finally addressed quickly. Those techniques are part of a reactive security strategy because they rely on the human factor, experience and the judgment of security experts, using supplementary technology to evaluate the risk impact and minimize the attack surface. This study suggests an active security strategy that adopts a vigorous method including ingenuity, data analysis, processing and decision-making support to face various cyber hazards. Specifically, the paper introduces a novel intelligence-driven cognitive computing SOC that is based exclusively on progressive fully automatic procedures. The proposed λ-Architecture Network Flow Forensics Framework (λ-NF3) is an efficient cybersecurity defense framework against adversarial attacks. It implements the Lambda machine learning architecture, which can analyze a mixture of batch and streaming data, using two accurate novel computational intelligence algorithms. Specifically, it uses an Extreme Learning Machine neural network with Gaussian Radial Basis Function kernel (ELM/GRBFk) for the batch data analysis and a Self-Adjusting Memory k-Nearest Neighbors classifier (SAM/k-NN) to examine patterns from real-time streams. It is a forensics tool for big data that can enhance the automated defense strategies of SOCs to effectively respond to the threats their environments face.


Mathematics ◽  
2021 ◽  
Vol 9 (15) ◽  
pp. 1716
Author(s):  
Adrian Marius Deaconu ◽  
Delia Spridon

Algorithms for network flow problems, such as maximum flow, minimum cost flow, and multi-commodity flow problems, are continuously developed and improved, and so, random network generators become indispensable to simulate the functionality and to test the correctness and the execution speed of these algorithms. For this purpose, in this paper, the well-known Erdős–Rényi model is adapted to generate random flow (transportation) networks. The developed algorithm is fast and based on the natural property of the flow that can be decomposed into directed elementary s-t paths and cycles. So, the proposed algorithm can be used to quickly build a vast number of networks as well as large-scale networks especially designed for s-t flows.


Author(s):  
Baris Ulutas ◽  
Afzal Suleman ◽  
Edward J. Park

Next generation telescopes are to employ segmented mirrors to realize extremely large primary mirror surfaces. Most of the current ground-based telescopes have monolithic mirrors with radii up to 8 metres. Due to limitations, segmentation is preferred for larger mirrors. Segmentation of mirrors brings the challenging task of controlling a vast number of individual units. In this paper, the H∞ control of the primary mirror of next generation telescopes is investigated. Both spatially-invariant distributed and centralized controllers are designed for a simplified dynamic model of a 37 segment test unit. Firstly, the 37 segment system is modelled by adopting a nodal model. Secondly, an analytic calculation of an H∞ controller is presented. A centralized H∞ controller is then designed and simulated in the MatLab-Simulink environment. Next, the simulation results are presented and the performance of the controller is evaluated. Thirdly, spatially-invariant distributed controller synthesis is described and a spatially-invariant distributed controller is designed for the 37 segment system by controller truncation. The spatially-invariant distributed controller is simulated for the 37 segment system. The simulation results of the controller are presented and compared with the results from the centralized scheme. It is shown that both centralized and spatially-invariant distributed controllers satisfy the imaging performance requirements.


2019 ◽  
Vol 4 (3) ◽  
pp. 125-152 ◽  
Author(s):  
Enoch Agyepong ◽  
Yulia Cherdantseva ◽  
Philipp Reinecke ◽  
Pete Burnap

Author(s):  
Robert M. Shelby ◽  
Pritish Narayanan ◽  
Stefano Ambrogio ◽  
Hsinyu Tsai ◽  
Kohji Hosokawa ◽  
...  
