Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Visual Metaphors to monitor Cyber Attacks thro...

Visual Metaphors to monitor Cyber Attacks through Anomaly Detection

Yury Nino

June 22, 2023
Tweet

More Decks by Yury Nino

Other Decks in Technology

Transcript

  1. ▪ Motivations ▪ What is Anomaly Detection? ▪ Where do

    we see Anomalies? ▪ What is a Metaphor? ▪ Comparing Metaphors vs Traditional ▪ Approaches in this field
  2. Motivations Challenges to be solved in this area: • Ability

    of the security system to detect previously unknown attacks. • The efficiency depends on the datasets used to train the ML models. • The completeness and validity are questionable. Cyberattacks on software systems can lead to severe consequences, and therefore it is extremely important to detect them at early stages.
  3. An Anomaly can be seen as a Cyberattack because it

    is a signal of any change in the specific established standard communication of a network.
  4. What is an Anomaly? Anomaly detection is the process of

    identifying anomalous events that do not match the expected behaviour of the system. Currently, anomaly detection approaches are often implemented using machine learning, such as shallow (or traditional) learning and deep learning!
  5. 1. Statistical Methods Univariate and multivariate analysis. 2. Knowledge-based Methods

    Finite-state machine, heuristics and rulesets. 3. Machine learning Methods Supervised and unsupervised techniques. Anomaly Detection Methods
  6. 1. Datasource Logs Network Packets, CPU, process and RAM logs

    2. Records in Physical Systems Such as cyber-physical system (CPS) or intelligent systems. 3. Data in Databases Including structured and unstructured records, available in SQL/No SQL Databases. Data Sources
  7. No matter if you use traditional or sophisticated visualization techniques,

    they will make easier the detection of Anomalies.
  8. Visual Metaphors Because all primates, including humans, are highly visual

    creatures! Half of the human brain is directly devoted to processing visual information. At least 65% of people are visual learners. It could be higher depending on the topic. Presentations using visual ads were found to be 43% more persuasive than unaided presentations.
  9. A Visual Metaphor is a mapping from concepts and objects

    of the simulated application domain to a system of similarities and analogies.
  10. Metaphors Scenarios 1. Sabotaging of local file stores through creation

    and deletion of sensitive files and folders. 2. Botnet scanning activities. 3. Resource flooding (CPU and network).
  11. Metaphors Scenarios 1. Sabotaging of local file stores through creation

    and deletion of sensitive files and folders. 2. Botnet scanning activities. 3. Resource flooding (CPU and network).