Cyber Anomaly Detection – A selected literature review

Authors
  1. Martineau, E.
Corporate Authors
Defence R&D Canada - Valcartier, Valcartier QUE (CAN)
Abstract
The cyber security domain is becoming a priority for the Canadian Forces and its allies. Potential threats presented by terrorism, espionage and even warfare are enough to raise security concerns. Conducted within the framework of cyber security, this work builds on projects 11 hg and 11 hk on maritime anomaly detection, by exploiting the abstract nature of anomaly detection. The aim of this document is to first present anomaly detection in general, and then to summarize recent publications on it in the cyber domain. The topics explored are program execution, network flow, payload inspection, and honey pots. Furthermore, papers on specific applications such as SCADA networks, automotive systems, and network clusters are also part of the reviewed material. It has been found that while anomaly detection is not a solution to cyber threats on its own, it can be a valuable tool to detect zero-day attacks. A direct consequence of this observation is that cyber anomaly detection offers many research opportunities for detecting when systems are used outside their designed boundaries or in an abusive manner.

A French abstract is available here.

Keywords
Anomaly detection; Cyber security
Report Number
DRDC-VALCARTIER-TM-2011-417 — Technical Memorandum
Date of publication
01 Jun 2012
Number of Pages
32
DSTKIM No
CA046629
CANDIS No
807025
Format(s):
Electronic Document (PDF)
