Abstract
Various contexts of relevance to cyber security involve the analysis of data
that has a statistical character and in some cases the extraction of particular
features from datasets of fitted distributions or empirical frequency distributions.
Such statistics, for example,
may be collected in the automated monitoring of IP-related data
during accessing or attempted accessing of web-based resources, or may be
triggered through an alert for suspected cyber attacks.
Information geometry provides a Riemannian geometric framework in which to
study smoothly parametrized families of probability density functions, thereby
allowing the use of geometric tools to study statistical features of processes
and possibly the representation of features that are associated with attacks.
In particular, we can obtain mutual distances among members of the family
from a collection of datasets, allowing for example measures of departures
from Poisson random or uniformity, and discrimination between nearby distributions.
Moreover, this allows the representation of large numbers of datasets
in a way that respects any topological features in the frequency data
and reveals subgroupings in the datasets using dimensionality reduction.
Here some results are reported on statistical and information geometric studies
concerning pseudorandom sequences, encryption-decryption timing analyses,
comparisons of nearby signal distributions and departure from uniformity for
evaluating obscuring techniques.
\keywords{cyber security, empirical frequency distributions, pseudorandom sequences,
encryption-decryption timing, proximity to uniformity, nearby signals
discrimination, information geometry, gamma distributions, Gaussian distributions,
dimensionality reduction
that has a statistical character and in some cases the extraction of particular
features from datasets of fitted distributions or empirical frequency distributions.
Such statistics, for example,
may be collected in the automated monitoring of IP-related data
during accessing or attempted accessing of web-based resources, or may be
triggered through an alert for suspected cyber attacks.
Information geometry provides a Riemannian geometric framework in which to
study smoothly parametrized families of probability density functions, thereby
allowing the use of geometric tools to study statistical features of processes
and possibly the representation of features that are associated with attacks.
In particular, we can obtain mutual distances among members of the family
from a collection of datasets, allowing for example measures of departures
from Poisson random or uniformity, and discrimination between nearby distributions.
Moreover, this allows the representation of large numbers of datasets
in a way that respects any topological features in the frequency data
and reveals subgroupings in the datasets using dimensionality reduction.
Here some results are reported on statistical and information geometric studies
concerning pseudorandom sequences, encryption-decryption timing analyses,
comparisons of nearby signal distributions and departure from uniformity for
evaluating obscuring techniques.
\keywords{cyber security, empirical frequency distributions, pseudorandom sequences,
encryption-decryption timing, proximity to uniformity, nearby signals
discrimination, information geometry, gamma distributions, Gaussian distributions,
dimensionality reduction
| Original language | English |
|---|---|
| Title of host publication | Operations Research, Engineering, and Cyber Security |
| Editors | NJ Daras |
| Place of Publication | Cham |
| Publisher | Springer Nature |
| Chapter | 9 |
| Pages | 167-198 |
| Number of pages | 30 |
| Volume | 113 |
| Edition | 1 |
| ISBN (Print) | 978-3-3-319-51500-7 |
| Publication status | Published - 2017 |
Publication series
| Name | Optimization and its Applications |
|---|---|
| Publisher | Springer |