
Multidimensional Cybersecurity Analytics (MCA)

Overview

There is an increasing demand for robust capabilities for programmatically detecting intrusions and errors in computer programs in real time. This demand is growing rapidly as our society relies more on the ever-increasing number, variety, complexity, and interplay of computer programs. We experience this demand every day: in the performance of our email servers and other cloud services, recent glitches of Healthcare.gov, Internet banking services, and the variety and complexity of cyber-security concerns at personal, organizational, national, and international levels.

Anomaly-based intrusion detection techniques, such as system-call monitoring and call-stack tracing, focus on detecting runtime deviations (anomalies) from the observed normal behavior of computer programs. This approach has been shown to be particularly useful for protecting an arbitrary computer program from unknown harms and errors without knowledge of the program's internal logic. This research is developing a framework for reasoning about a variable number of monitoring dimensions, so that anomaly detection can be applied in various contexts to provide mass protection of the numerous computer programs comprising our critical computing infrastructure.
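As an added illustration (not code from NIST or the MCA project), the sketch below applies sliding-window anomaly detection to a program trace and shows how the result changes when a second monitoring dimension, the calling function, is added to the system-call dimension. The traces are constructed sample data and all function names are hypothetical.

```python
from collections import deque

# Constructed sample traces: each event is (syscall, calling function).
NORMAL = [[("open", "load_cfg"), ("read", "load_cfg"), ("close", "load_cfg"),
           ("open", "serve"), ("read", "serve"), ("write", "serve"),
           ("close", "serve")]]
# Same system-call order as NORMAL, but the write comes from another caller.
SUSPECT = [("open", "load_cfg"), ("read", "load_cfg"), ("close", "load_cfg"),
           ("open", "serve"), ("read", "serve"), ("write", "parse_hdr"),
           ("close", "serve")]

SYSCALL, CALLER = 0, 1  # indexes of the two monitoring dimensions

def project(trace, dims):
    """Keep only the selected monitoring dimensions of every event."""
    return [tuple(ev[d] for d in dims) for ev in trace]

def windows(events, n):
    """Yield each length-n sliding window over the event stream."""
    buf = deque(maxlen=n)
    for ev in events:
        buf.append(ev)
        if len(buf) == n:
            yield tuple(buf)

def train(normal_traces, dims, n=3):
    """Build the 'observed normal' profile: the set of windows seen."""
    profile = set()
    for trace in normal_traces:
        profile.update(windows(project(trace, dims), n))
    return profile

def anomaly_score(trace, profile, dims, n=3):
    """Fraction of windows in the trace that never occurred in training."""
    seen = list(windows(project(trace, dims), n))
    if not seen:  # trace shorter than one window: nothing to judge
        return 0.0
    return sum(w not in profile for w in seen) / len(seen)

if __name__ == "__main__":
    for dims in [(SYSCALL,), (SYSCALL, CALLER)]:
        profile = train(NORMAL, dims)
        print(dims, anomaly_score(SUSPECT, profile, dims))
```

The detector needs no knowledge of the program's logic, only traces of normal runs; the suspect trace is invisible in the system-call dimension alone and is flagged once the caller dimension is monitored as well.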


 

Contacts

Mr. David Waltermire
david.waltermire@nist.gov
(301) 975-3390

Created September 02, 2016, Updated June 22, 2020