Study on cyber threat handling method in data network

As cyber threats have become a serious problem, especially in connection with network stability, a significant number of attempts are being made to protect cyberspace from various malicious threats. A cyber threat, also known as a cyber attack, refers to any action that disturbs the integrity, confidentiality, or availability of a network. With the growing number of attack techniques, cyber threats have become more sophisticated and diverse, resulting in serious damage to networks. In this dissertation, cyber threat handling methods were studied. The first part of our study deals with a scheme for network intrusion detection. Recently, as damage caused by Internet threats has increased significantly, one of the major challenges in designing an intrusion detection system is to accurately predict the period and severity of threats. In this study, a novel probabilistic approach is proposed for effective network-based intrusion detection. It uses a Markov chain as its basic approach and consists of three main phases. In the first phase, normal states are obtained by K-means clustering, and the concept of outlying states is newly introduced. Next, based on these states, a Markov model including a state transition probability matrix and an initial probability distribution is built under practical assumptions. In the third phase, the degree of abnormality of network data is statistically estimated in real time using the model. The performance of the proposed approach is evaluated through experiments using the well-known DARPA 2000 data set and further analyses. The proposed approach achieves high detection performance while representing the level of threat in stages. In particular, it is shown to be very robust to the choice of training data sets and the number of states in the Markov model. The second part of our study deals with developing an early warning system (EWS) to protect national-level networks from cyber threats or cyber warfare. Recently, cyber at...
Advisors
Kim, Se-Hun (김세헌)
Description
Korea Advanced Institute of Science and Technology (KAIST): Department of Industrial and Systems Engineering
Publisher
Korea Advanced Institute of Science and Technology (KAIST)
Issue Date
2011
Identifier
466354/325007  / 020065087
Language
eng
Description

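Doctoral dissertation (Ph.D.) - Korea Advanced Institute of Science and Technology (KAIST): Department of Industrial and Systems Engineering, 2011.2, [ vi, 94 p. ]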

Keywords

intrusion forecasting; Markov chain; cyber threat handling; IDS (intrusion detection system); sinkhole attack detection

URI
http://hdl.handle.net/10203/40675
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=466354&flag=dissertation
Appears in Collection
IE-Theses_Ph.D. (doctoral dissertations)
Files in This Item
There are no files associated with this item.