Attack Intention Analysis Model for Network Forensics

Authors: M. Rasmi, Aman Jantan

DOI: 10.1007/978-3-642-22191-0_35

Abstract: In network forensics, attack intentions analyses play a major role to help and accelerate decision-making for apprehending the real perpetrator. In fact, intention analysis is a prediction factor that helps investigators conclude a case with high accuracy. However, current techniques in intention analysis only focus on recognizing an alert correlation for certain evidence and predicting future attacks. In reality, more factors should be used by investigators to come to a concise decision, such as intention, incident path ..., etc. This paper will propose a model for reasoning of attacks under uncertainty intention. A new model is introduced using a combination of the mathematical Dempster-Shafer (D-S) theory and a probabilistic technique through a causal network to predict intention. We found that by analyzing the attacker’s intention, forensic investigation agents are able to audit and perform in an efficient way. Experiments were performed on samples of probability to evaluate the proposed model. Arguably, the model may produce a clear impact on investigator decision-making.
