There is increasing pressure to protect computer networks against unauthorized intrusion, and some work in this area is concerned with engineering systems that are robust to attack. However, no system can be made invulnerable. Data Analysis for Network Cyber-Security focuses on monitoring and analyzing network traffic data, with the intention of preventing, or quickly identifying, malicious activity.Such work involves the intersection of statistics, data mining and computer science. Fundamentally, network traffic is relational, embodying a link between devices. As such, graph analysis approaches are a natural candidate. However, such methods do not scale well to the demands of real problems, and the critical aspect of the timing of communications events is not accounted for in these approaches.This book gathers papers from leading researchers to provide both background to the problems and a description of cutting-edge methodology. The contributors are from diverse institutions and areas of expertise and were brought together at a workshop held at the University of Bristol in March 2013 to address the issues of network cyber security. The workshop was supported by the Heilbronn Institute for Mathematical Research.
Foreword (Geoff Robinson); Introduction (Niall Adams); Inference for Graphs and Networks (Benjamin P Olding and Patrick J Wolfe); Rapid Detection of Attacks by Quickest Changepoint Detection Methods (Alexander G Tartakovsky); Statistical Detection of Intruders Within Computer Networks Using Scan Statistics (Joshua Neil, Curtis Storlie, Curtis Hash and Alex Brugh.); Characterizing Dynamic Group Behavior in Social Networks for Cybernetics (Sumeet Dua and Pradeep Chowriappa); Several Approaches for Detecting Anomalies in Network Traffic Data (Celine Levy-Leduc); Monitoring a Device in a Communication Network (Nicholas A Heard and Melissa Turcotte).