Authors: Jonathan Pan
Addresses: Wee Kim Wee School of Communication and Information, Nanyang Technological University, Singapore
Abstract: Organisations are increasingly challenged by advanced malware's persistent evasive intrusions. Cyber security analytics provide promising possibilities for defences to catch up. However, there are challenges to cyber security analytics development. Unknown and constantly evolving cyber attack patterns pose a significant challenge to the effectiveness of detection algorithms. This research deals with this challenge to cyber security analytics development by proposing the use of data farming techniques to produce data containing varied simulated conditions. This in turn could facilitate cyber security analytics development. Data farming is used in military strategic planning to identify possible unknowns and subsequently develop defensive countermeasures. This proposition entails the use of agent-based modelling to simulate the computing environment involving various actors, including the malware. The output of the model is farmed data that contains weblog network behaviour information. The data is then verified using statistical anomaly detection techniques as part of model verification.
Keywords: cyber security analytics; data farming; model development; malware; agent-based modelling; agent-based systems; multi-agent systems; MAS; simulation; weblog network behaviour; anomaly detection; model verification.
International Journal of Information Privacy, Security and Integrity, 2016 Vol.2 No.3, pp.197 - 215
Available online: 23 Aug 2016