4 May 2017 Fusion of cyber sensors on a network for improved detection and classification
Author Affiliations +
Abstract
This paper investigates the fusion process of combining cyber sensors on a network to detect and classify cyber behaviors – good and bad. Some bad cyber activity can be confused as appropriate (good) activity and vice versa. To wrongly block good activity is an error. Also, to allow bad cyber activity to continue believing it to be good activity is also an error. We wish to minimize these errors. Some bad cyber activity can be classified according to its severity. Confusing an extremely severe cyber activity for a mildly bad cyber activity can be a costly mistake also. We assume there are several classification systems present on the network, that is, a sensor, processor and exploiter at a minimum for each system. Also, the sensors may be disparate. Assume each system has a ROC manifold that is known, or has a good approximation. The goal of this paper is to demonstrate that there a best combining rule.
Conference Presentation
© (2017) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Mark E. Oxley, Mark E. Oxley, Igor V. Ternovskiy, Igor V. Ternovskiy, } "Fusion of cyber sensors on a network for improved detection and classification", Proc. SPIE 10185, Cyber Sensing 2017, 101850H (4 May 2017); doi: 10.1117/12.2267798; https://doi.org/10.1117/12.2267798
PROCEEDINGS
9 PAGES + PRESENTATION

SHARE
Back to Top