Cybersecurity is a growing concern for businesses around the world; it's estimated that by 2022 enterprises and government agencies would have spent close to $20 billion on cybersecurity and infrastructure. Cybersecurity experts from the Army Cybersecurity corporate research laboratory and Towson University have found an effective way to tackle the problem.
Many cybersecurity systems use distributed network intrusion detection, which allows a small number of highly trained analysts to monitor several networks at the same time. However, with the recent rise in data activity, transferring data from detection sensors to central analysis servers requires too much bandwidth. As a result, many cybersecurity experts monitor only the alerts, as requirements dictate. The alerts consist of a summary of the complete network activity.
Working from the premise that malicious activity can be detected early, the research group developed a tool that stops transmitting traffic after a given number of messages, which also makes the initial detection faster. The analysis of the compressed network traffic was compared with the analysis performed on the original network traffic. Cyber-attacks often manifest malicious activity early in the transmission process. As a next step, the researchers integrated this technique with network classification and lossless compression to reduce the amount of traffic that needs to be transmitted to analysts. This reduces the cost to less than 10 percent of the original traffic volume while losing no more than 1 percent of cybersecurity alerts. Sidney Smith, an ARL researcher, said: “The future detection of intrusion on systems will depend on machine learning and artificial intelligence techniques. Many of these techniques are resource intensive, making the techniques too cost inefficient.” Incorporating the research will allow the data most likely to be malicious to be gathered for further analysis.
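The trade-off described above can be sketched in a few lines of Python. This is an added example, not the researchers' tool: it forwards only the first few messages of each flow, compresses what is left with zlib, and measures how much volume and how many alerts survive. The traffic, the marker string, the cut-off of 5 messages and all function names are constructed for illustration, and the resulting figures are not the study's measurements.

```python
import hashlib
import zlib
from collections import defaultdict

SIG = b"CONSTRUCTED-SIG-A"  # constructed marker standing in for an IDS signature

def truncate_flows(packets, max_msgs):
    """Sensor side: forward only the first max_msgs messages of each flow."""
    seen = defaultdict(int)
    kept = []
    for flow_id, payload in packets:
        if seen[flow_id] < max_msgs:
            kept.append((flow_id, payload))
        seen[flow_id] += 1
    return kept

def alerting_flows(packets, signature=SIG):
    """Analyst side: flows in which the signature appears in any message."""
    return {flow_id for flow_id, payload in packets if signature in payload}

def wire_bytes(packets):
    """Bytes actually sent after lossless (zlib) compression."""
    return len(zlib.compress(b"".join(p for _, p in packets), 9))

def build_sample(flows=20, msgs=50):
    """Constructed traffic: 256 incompressible bytes per message; flows 0-2
    carry the marker in message 1, flow 3 only in message 40."""
    packets = []
    for i in range(msgs):            # interleave flows as on a real link
        for f in range(flows):
            body = b"".join(hashlib.sha256(f"{f}:{i}:{k}".encode()).digest()
                            for k in range(8))
            if (f in (0, 1, 2) and i == 1) or (f == 3 and i == 40):
                body += SIG
            packets.append((f, body))
    return packets

def evaluate(packets, max_msgs):
    kept = truncate_flows(packets, max_msgs)
    full, seen = alerting_flows(packets), alerting_flows(kept)
    raw = sum(len(p) for _, p in packets)
    return {"volume_ratio": wire_bytes(kept) / raw,
            "alerts_retained": len(seen) / len(full),
            "missed_flows": sorted(full - seen)}

if __name__ == "__main__":
    print(evaluate(build_sample(), max_msgs=5))
```

In this constructed data the only missed alert is the flow whose marker appears late in the session, which is the kind of loss the cut-off has to be tuned against.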