INTELLIGENT FUSION OF SENSOR DATA IN A HIGH PERFORMANCE COMPUTING CLUSTER ENVIRONMENT Ambareen Siraj (as2@msstate.edu) Advisor: Dr. Rayford B. Vaughn Center for Computer Security Research Department of Computer Science - PowerPoint PPT Presentation

1 / 1
About This Presentation
Title:

INTELLIGENT FUSION OF SENSOR DATA IN A HIGH PERFORMANCE COMPUTING CLUSTER ENVIRONMENT Ambareen Siraj (as2@msstate.edu) Advisor: Dr. Rayford B. Vaughn Center for Computer Security Research Department of Computer Science

Description:

Mississippi ... network by analyzing and fusing activities on the interconnected ... High_SignatureX. Suspicious event. SignatureZ 1.0 1.0. Results ... – PowerPoint PPT presentation

Number of Views:86
Avg rating:3.0/5.0

less

Transcript and Presenter's Notes

Title: INTELLIGENT FUSION OF SENSOR DATA IN A HIGH PERFORMANCE COMPUTING CLUSTER ENVIRONMENT Ambareen Siraj (as2@msstate.edu) Advisor: Dr. Rayford B. Vaughn Center for Computer Security Research Department of Computer Science


1
INTELLIGENT FUSION OF SENSOR DATA IN A HIGH
PERFORMANCE COMPUTING CLUSTER ENVIRONMENTAmbareen
Siraj (as2_at_msstate.edu)Advisor Dr. Rayford B.
VaughnCenter for Computer Security
ResearchDepartment of Computer Science
EngineeringMississippi State University
Abstract Over the past few years demands for
more secured systems have increased heavily.
For this reason, most modern intrusion detection
systems employ multiple intrusion sensors to
maximize their trustworthiness. The multiple
intrusion sensors employ different strategies
based on the model they use, the data source they
monitor and the techniques they employ. With
different types of sensors in place it is
difficult to obtain an overall holistic picture
of the status in a complex system. It is,
therefore, extremely important to fuse the
different outputs in an effective and intelligent
manner to provide a useful picture of
trustworthiness in the system. We believe that
such overall security view allows the security
administrator to justify "trust" in the system -
to the extent of system situation. This work
presents a research effort in that direction by
describing an alert fusion model that fuses
information from different intrusion detection
sensors using an artificial intelligence
technique based on causal knowledge inferencing.
Preliminary fusion model has been successfully
embedded into an intrusion detection environment
being built at the Center for Computer Security
Research (CCSR), Mississippi State University. At
present, the fusion model resides in a high
performance cluster environment and assesses
health of the network by analyzing and fusing
activities on the interconnected nodes of the
cluster.
Possibilistic Approach in Sensor Fusion
Alert Fusion Model
Research Aspects
Alert Fusion in High Performance Computing
Cluster
  • For alert Prioritization
  • In assessing priority to low level alerts
  • For alert clustering
  • In defining similarity between alerts
  • For alert correlation
  • In modeling causal relationship between alerts
  • To develop methods for composing scalable sensor
    fusion models
  • To incorporate dynamic modification of sensor
    fusion models
  • To support multi-tier sensor fusion and
  • To explore a distributed approach to sensor
    fusion and decision making.
Write a Comment
User Comments (0)
About PowerShow.com