Correlating intrusion events and building attack scenarios through attack graph distances

Authors: S. Noel, E. Robertson, S. Jajodia

DOI: 10.1109/CSAC.2004.11

Keywords: Complex event processing, Data mining, Attack graph, Intrusion, Exploit, Theoretical computer science, Event correlation, Lack of knowledge, Small number, Computer science, Correlation

Abstract: … Another approach to causal correlation is to represent relationships among events with graphs instead of logical rules. However, because this is still based on intrusion detection …

References (13)
Peng Ning, Christopher G. Healey, Robert St. Amant, Dingbang Xu. Building Attack Scenarios through Integration of Complementary Alert Correlation Method. Network and Distributed System Security Symposium (2004).
Yu-Sung Wu, Bingrui Foo, Yongguo Mei, S. Bagchi. Collaborative intrusion detection system (CIDS): a framework for accurate and efficient IDS. Annual Computer Security Applications Conference, pp. 234-244 (2003). DOI: 10.1109/CSAC.2003.1254328
Benjamin Morin, Ludovic Mé, Hervé Debar, Mireille Ducassé. M2D2: a formal data model for IDS alert correlation. Recent Advances in Intrusion Detection, pp. 115-137 (2002). DOI: 10.1007/3-540-36084-0_7
Steven Noel, Sushil Jajodia. Managing attack graph complexity through visual hierarchical aggregation. Visualization for Computer Security, pp. 109-118 (2004). DOI: 10.1145/1029208.1029225
Sushil Jajodia. Topological analysis of network attack vulnerability. Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security (ASIACCS '07), pp. 2-2 (2007). DOI: 10.1145/1229285.1229288
Paul Ammann, Duminda Wijesekera, Saket Kaushik. Scalable, graph-based network vulnerability analysis. Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS '02), pp. 217-224 (2002). DOI: 10.1145/586110.586140
S. Noel, S. Jajodia, B. O'Berry, M. Jacobs. Efficient minimum-cost network hardening via exploit dependency graphs. 19th Annual Computer Security Applications Conference, 2003. Proceedings, pp. 86-95 (2003). DOI: 10.1109/CSAC.2003.1254313
R.W. Ritchey, P. Ammann. Using model checking to analyze network vulnerabilities. IEEE Symposium on Security and Privacy, pp. 156-165 (2000). DOI: 10.1109/SECPRI.2000.848453
Alfonso Valdes, Keith Skinner. Probabilistic Alert Correlation. Recent Advances in Intrusion Detection, pp. 54-68 (2001). DOI: 10.1007/3-540-45474-8_4
L.P. Swiler, C. Phillips, D. Ellis, S. Chakerian. Computer-attack graph generation tool. DARPA Information Survivability Conference and Exposition, vol. 2, pp. 307-321 (2001). DOI: 10.1109/DISCEX.2001.932182