all InfoSec news
PRISM: A Hierarchical Intrusion Detection Architecture for Large-Scale Cyber Networks. (arXiv:2111.11000v2 [cs.CR] UPDATED)
cs.CR updates on arXiv.org arxiv.org
The increase in scale of cyber networks and the rise in sophistication of
cyber-attacks have introduced several challenges in intrusion detection. The
primary challenge is the requirement to detect complex multi-stage attacks in
realtime by processing the immense amount of traffic produced by present-day
networks. In this paper we present PRISM, a hierarchical intrusion detection
architecture that uses a novel attacker behavior model-based sampling technique
to minimize the realtime traffic processing overhead. PRISM has a unique
multi-layered architecture that monitors …
architecture cyber detection intrusion intrusion detection large networks scale