Researchers Find Clues for Dramatically Reducing IDS Traffic Volume
Research at military labs and Towson University shows that identifying malicious activity may require much less captured data than has been the case.
April 20, 2019

Researchers at the US Army Combat Capabilities Development Command's Army Research Laboratory, the Army's corporate research laboratory (ARL), and Towson University have jointly developed techniques that should allow analysts to identify threats faster and with much less data than current methods.
In their research, the scientists found that malicious software tends to be malicious sooner, rather than later, in its network presence. This discovery has allowed them to perform analysis after transmitting much less traffic from an intrusion detection sensor to the analyst than is typically the case. The issue of intrusion detection sensor data volume has become critical as network traffic and malicious activity have both increased, leading to a dramatic increase in the sheer amount of data delivered for analysis.
The research goal is to use less than 10% of the original required data to perform analysis with less than 1% loss of security alerts. That compression will be the topic of the next phase in the research.
The research was presented in a paper at the 10th International Multi-Conference on Complexity, Informatics and Cybernetics.