Abstract

Cyber data is generated from a variety of analysis and monitoring tools. Usually the goals are to characterize unknown objects, identify and mitigate objects associated with known attacks, and to determine if an object acts or may act in a way that affects the system security properties. Here we explore the various types and modes of data generation in cyber systems and consider a few of the most basic string analysis tools that are widely used to ensure system safety. We focus first on hash techniques and their analysis of collisions. Next we explore how a hash function may extend its utility in various bag-of-numbers applications, which retains the favorable performance and simplicity ...