Attack detection device, attack detection method, and non-transitory computer readable recording medium recorded with attack detection program

Authors: Kiyoto Kawauchi, Hideaki Ijiro

Abstract: For a plurality of events, event stage information is stored which describes an observed by system when attack against the underway, pre-event stage, and post-event stage. Observed notice received notifies system. Event searched for notified information. coinciding with for, or for. If observation non-available that cannot be observed, sequence created treating as having been connecting to each other dependency.
