## Abstract

Various contexts of relevance to cyber security involve the analysis of data

that has a statistical character and in some cases the extraction of particular

features from datasets of fitted distributions or empirical frequency distributions.

Such statistics, for example,

may be collected in the automated monitoring of IP-related data

during accessing or attempted accessing of web-based resources, or may be

triggered through an alert for suspected cyber attacks.

Information geometry provides a Riemannian geometric framework in which to

study smoothly parametrized families of probability density functions, thereby

allowing the use of geometric tools to study statistical features of processes

and possibly the representation of features that are associated with attacks.

In particular, we can obtain mutual distances among members of the family

from a collection of datasets, allowing for example measures of departures

from Poisson random or uniformity, and discrimination between nearby distributions.

Moreover, this allows the representation of large numbers of datasets

in a way that respects any topological features in the frequency data

and reveals subgroupings in the datasets using dimensionality reduction.

Here some results are reported on statistical and information geometric studies

concerning pseudorandom sequences, encryption-decryption timing analyses,

comparisons of nearby signal distributions and departure from uniformity for

evaluating obscuring techniques.

\keywords{cyber security, empirical frequency distributions, pseudorandom sequences,

encryption-decryption timing, proximity to uniformity, nearby signals

discrimination, information geometry, gamma distributions, Gaussian distributions,

dimensionality reduction

that has a statistical character and in some cases the extraction of particular

features from datasets of fitted distributions or empirical frequency distributions.

Such statistics, for example,

may be collected in the automated monitoring of IP-related data

during accessing or attempted accessing of web-based resources, or may be

triggered through an alert for suspected cyber attacks.

Information geometry provides a Riemannian geometric framework in which to

study smoothly parametrized families of probability density functions, thereby

allowing the use of geometric tools to study statistical features of processes

and possibly the representation of features that are associated with attacks.

In particular, we can obtain mutual distances among members of the family

from a collection of datasets, allowing for example measures of departures

from Poisson random or uniformity, and discrimination between nearby distributions.

Moreover, this allows the representation of large numbers of datasets

in a way that respects any topological features in the frequency data

and reveals subgroupings in the datasets using dimensionality reduction.

Here some results are reported on statistical and information geometric studies

concerning pseudorandom sequences, encryption-decryption timing analyses,

comparisons of nearby signal distributions and departure from uniformity for

evaluating obscuring techniques.

\keywords{cyber security, empirical frequency distributions, pseudorandom sequences,

encryption-decryption timing, proximity to uniformity, nearby signals

discrimination, information geometry, gamma distributions, Gaussian distributions,

dimensionality reduction

Original language | English |
---|---|

Title of host publication | Operations Research, Engineering, and Cyber Security |

Editors | NJ Daras |

Place of Publication | Cham |

Publisher | Springer Nature |

Chapter | 9 |

Pages | 167-198 |

Number of pages | 30 |

Volume | 113 |

Edition | 1 |

ISBN (Print) | 978-3-3-319-51500-7 |

Publication status | Published - 2017 |

### Publication series

Name | Optimization and its Applications |
---|---|

Publisher | Springer |