About the journal

• Home page
• Contact information
• Aims and scope
• Indexing information
• Editorial policies
• ComSIS consortium
• Journal boards
• Managing board

For authors

• Information for contributors
• Paper submission
• Article submission through OJS
• Copyright transfer form
• Download section

For readers

• Forthcoming articles
• Current issue
• Archive

For reviewers

• View and review submissions

News

• Journal's Facebook page
• Calls for special issues
• New issue notification

Logical Filter Approach for Early Stage Cyber-Attack Detection

Vacius Jusas¹, Saulius Japertas², Tautvydas Baksys³ and Sandeepak Bhandari⁴

1. Software Engineering Department, Kaunas University of Technology
   Studentu St. 50, LT‐51368 Kaunas, Lithuania
2. Department of Electronics Engineering, Kaunas University of Technology
   Studentu St. 50, LT‐51368 Kaunas, Lithuania
3. Department of Computer Science, Kaunas University of Technology
   Studentu St. 50, LT‐51368 Kaunas, Lithuania
4. Software Engineering Department, Kaunas University of Technology
   Studentu St. 50, LT‐51368 Kaunas, Lithuania

Abstract

The planned in advance cyber-attacks cause the most damage for the users of the information systems. Such attacks can take a very long time, require considerable financial and human resources, and therefore, they can only be organized by large interest groups. Furthermore, current intrusion detection systems, intrusion prevention systems and intrusion response systems used to protect against cyber-attacks have several shortcomings. Such systems respond only to the attack itself when it is too late to take a preventive action and they are not suitable for detecting an attack in early stages when it is possible to block the attack and minimize the losses. Early detection requires detailed monitoring of network and system parameters to be able to accurately identify the early stages of the attack when it is still possible to kill the attack chain. In this paper, we propose to consider an attack chain consisting of nine stages. The method to detect early stage cyber-attack based on the attack chain analysis using hardware implementation of logical filters is suggested. The performed experiment acknowledges the possibility to detect the attack in the early stages.

Key words

System security; Cyber-attack; Intrusion detection; Logical circuits

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS190122008J

Publication information

Volume 16, Issue 2 (June 2019)
Year of Publication: 2019
ISSN: 2406-1018 (Online)
Publisher: ComSIS Consortium

Full text

Available in PDF
Portable Document Format

How to cite

Jusas, V., Japertas, S., Baksys, T., Bhandari, S.: Logical Filter Approach for Early Stage Cyber-Attack Detection. Computer Science and Information Systems, Vol. 16, No. 2, 491-514. (2019), https://doi.org/10.2298/CSIS190122008J