University of Jyväskylä

Dissertation: 15.12.2016 M.Sc. Tero Kokkonen (Faculty of Information Technology, Information Technology)

Start date: Dec 15, 2016 12:00 PM

End date: Dec 15, 2016 03:00 PM

Location: Mattilanniemi, Lea Pulkkisen sali

 

Tero Kokkonen
Tero Kokkonen
M.Sc. Tero Kokkonen his doctoral dissertation in Information Technology Anomaly-Based Online Intrusion Detection System as a Sensor for Cyber Security Situational Awareness System”. Opponent Professor Jarno Limnéll (Aalto University) and custos Professor Timo Hämäläinen (University of Jyväskylä).The event is in Finnish.

Abstract

Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation concentrates on research and development of anomaly-based network intrusion detection system as a sensor for a situational awareness system. In this dissertation, several models of intrusion detection systems are developed using clustering-based data-mining algorithms for creating a model of normal user behaviour and finding similarities and dissimilarities compared to that model. That information can be used as a sensor feed in a situational awareness system in cyber security. A model of cyber security situational awareness system with multisensor fusion capability is presented in this thesis. Also a model for exchanging the information of cyber security situational awareness is generated. The constructed intrusion detection system schemes are tested with different scenarios even in online mode with real user data.

Keywords: Anomaly Detection, Clustering, Cyber Security, Early Warning, Information Sharing, Intrusion Detection System, Network Security, Situational Awareness

The dissertation is published in the series Jyväskylä Studies in Computing numerona 251, 82 p., Jyväskylä 2016, ISSN 1456-5390; 1456-5390; 251), ISBN 978-951-39-6831-1 (nid.), ISBN 978-951-39-6832-8 (PDF). It is available at the Soppi University Shop and University of Jyväskylä Web Store, tel. +358 (0)40 805 3825, myynti@library.jyu.fi

Further information:

Tero Kokkonen, tero.t.kokkonen@student.jyu.fi
Communications Officer Anitta Kananen, tiedotus@jyu.fi, tel. +358 40 805 4142