Application of distributed computing and machine learning technologies to cybersecurity

Bibliographic Details
Authors: Attak, Hamza; Combalia, Marc; Gardikis, Georgios; Gaston, Bernat; Jacquin, Ludovic; Litke, Antonis; Papadakis, Nikolaos K.; Papadopoulos, Dimitris; Pastor, Antonio
Resource type: article
Status: Published version
Publication date: 2018
Country: Spain
Institution: Various* (Consorci de Biblioteques Universitáries de Catalunya, Centre de Serveis Científics i Acadèmics de Catalunya)
Repository: Recercat. Dipósit de la Recerca de Catalunya
OAI Identifier: oai:recercat.cat:2072/531537
Online access: http://hdl.handle.net/2072/531537
https://zenodo.org/badge/DOI/10.5281/zenodo.3266038.svg
Access level: open access
Keywords: Wide area networks (Computers)
Distributed Artificial Intelligence
Security
Cybersecurity
Artificial Intelligence & Big Data
Network Functions Virtualisation
621.3
Description
Summary: SHIELD is a distributed cyber-security system that leverages Network Function Virtualisation for dynamically deploying virtual Network Security Functions. The security functions send network traffic’s monitoring data to a big data store. The Data Analysis and Remediation Engine executes security analytics modules on top of monitoring data modules in order to detect threats. The security analytics heavily leverage Machine Learning algorithms for detecting anomalies and classifying threats. This paper presents the different Machine Learning algorithms and details the obtained results and the direction taken by the project with regard to its implementation, including business capabilities for the cybersecurity solution.