Logical Filter Approach for Early Stage Cyber-Attack Detection

Vacius Jusas1, Saulius Japertas2, Tautvydas Baksys3 and Sandeepak Bhandari4

  1. Software Engineering Department, Kaunas University of Technology
    Studentu St. 50, LT‐51368 Kaunas, Lithuania
  2. Department of Electronics Engineering, Kaunas University of Technology
    Studentu St. 50, LT‐51368 Kaunas, Lithuania
  3. Department of Computer Science, Kaunas University of Technology
    Studentu St. 50, LT‐51368 Kaunas, Lithuania
  4. Software Engineering Department, Kaunas University of Technology
    Studentu St. 50, LT‐51368 Kaunas, Lithuania

Abstract

The planned in advance cyber-attacks cause the most damage for the users of the information systems. Such attacks can take a very long time, require considerable financial and human resources, and therefore, they can only be organized by large interest groups. Furthermore, current intrusion detection systems, intrusion prevention systems and intrusion response systems used to protect against cyber-attacks have several shortcomings. Such systems respond only to the attack itself when it is too late to take a preventive action and they are not suitable for detecting an attack in early stages when it is possible to block the attack and minimize the losses. Early detection requires detailed monitoring of network and system parameters to be able to accurately identify the early stages of the attack when it is still possible to kill the attack chain. In this paper, we propose to consider an attack chain consisting of nine stages. The method to detect early stage cyber-attack based on the attack chain analysis using hardware implementation of logical filters is suggested. The performed experiment acknowledges the possibility to detect the attack in the early stages.

Key words

System security; Cyber-attack; Intrusion detection; Logical circuits

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS190122008J

Publication information

Volume 16, Issue 2 (June 2019)
Year of Publication: 2019
ISSN: 1820-0214 (Print) 2406-1018 (Online)
Publisher: ComSIS Consortium

Full text

DownloadAvailable in PDF
Portable Document Format

How to cite

Jusas, V., Japertas, S., Baksys, T., Bhandari, S.: Logical Filter Approach for Early Stage Cyber-Attack Detection. Computer Science and Information Systems, Vol. 16, No. 2, 491-514. (2019), https://doi.org/10.2298/CSIS190122008J