A Coordinated Approach to Cyber-Situation Awareness Based on Traffic Anomaly Detection

Sponsor: Army Research Office (ARO), Computing and Information Sciences

Award Number: W911NF-11-1-0227

PI: Ioannis (Yannis) Ch. Paschalidis

Abstract:

This project aims to develop a suite of anomaly detection algorithms and tools that monitor network traffic and operate at both the local (resource) level and the wider (global) network level. It will leverage recent work by the PIs on statistical temporal anomaly detection using random and Markovian models and on detecting wider network spatial anomalies based on Markovian and deterministic data-analysis approaches. Inputs from anomaly detectors and additional features will be processed by a clustering/pattern recognition approach to identify and classify specific cyber attack scenarios, which can aid counteraction.
