U.S. Department of Energy Office of Scientific and Technical Information
Title: Situ
Software
OSTI ID:1232450
Rapidly discovering novel and sophisticated cyber attacks and providing situation awareness to analysts are unsolved problems in cyber security. We have developed a platform that scores events in real time based on probabilistic models to define how typical an event is. This anomaly detection approach is based on unsupervised, probabilistic modeling of data at multiple scales. Scoring events based on multiple scales allows the system to 1) score anomalousness at different levels to detect important events that would otherwise be hidden, and 2) explain to users why an event is anomalous, not just that it is. The system was designed to address several challenges: 1) scaling to very high volume, heterogeneous, streaming data, and 2) minimizing the time from observation to discovery to understanding. The prototype has the real-time framework for pushing scored events to a web-based visualization.
To order this software or receive further information, please fill out the following request: Request Software
@misc{osti_1232450,
title = {Situ, Version 00},
author = {},
abstractNote = {Rapidly discovering novel and sophisticated cyber attacks and providing situation awareness to analysts are unsolved problems in cyber security. We have developed a platform that scores events in real time based on probabilistic models to define how typical an event is. This anomaly detection approach is based on unsupervised, probabilistic modeling of data at multiple scales. Scoring events based on multiple scales allows the system to 1) score anomalousness at different levels to detect important events that would otherwise be hidden, and 2) explain to users why an event is anomalous, not just that it is. The system was designed to address several challenges: 1) scaling to very high volume, heterogeneous, streaming data, and 2) minimizing the time from observation to discovery to understanding. The prototype has the real-time framework for pushing scored events to a web-based visualization.},
doi = {},
url = {https://www.osti.gov/biblio/1232450},
year = {2014},
month = {6},
note = {}
}