Understanding multistage attacks by attack-track based visualization of heterogeneous event streams

Authors: S. Mathew, R. Giomundo, S. Upadhyaya, M. Sudit, A. Stotz

DOI: 10.1145/1179576.1179578

Keywords:

Abstract: In this paper, we present a method of handling the visualization of heterogeneous event traffic generated by intrusion detection sensors, log files and other sources on a computer network, from the point of view of detecting multistage attack paths, which is of importance. We perform aggregation and correlation of these events based on their semantic content to generate Attack Tracks that are displayed to the analyst in real time. Our tool, called Event Correlation for Cyber-Attack Recognition System (EC-CARS), enables the analyst to distinguish and separate an evolving attack from the thousands of events on the network. The focus here is on presenting the environment and framework using EC-CARS, along with screenshots that demonstrate its capabilities.
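The abstract describes aggregating and correlating heterogeneous events by semantic content into per-attacker Attack Tracks. The following is an added illustration of that idea, not code from the paper or from EC-CARS: the event formats, the keyword-to-stage mapping and the sample lines are all constructed assumptions, and the pivot rule (events emitted by a host an attacker has gained access to are joined to that attacker's track) is one simple correlation heuristic, not the authors' method.

```python
import re
from collections import defaultdict

# Constructed keyword-to-stage mapping: the "semantic content" used to place an event on a track.
STAGE_OF = [("SCAN", "recon"), ("Failed password", "brute_force"),
            ("Accepted password", "access"), ("bytes=", "exfil")]

# Constructed sample lines from three sources (IDS alert, auth log, firewall log); not real data.
SAMPLE_LINES = [
    "ids 2024-03-01T09:00:01 10.0.0.5 -> 192.168.1.10 SCAN: TCP portsweep",
    "ids 2024-03-01T09:00:02 10.0.0.5 -> 192.168.1.10 SCAN: TCP portsweep",
    "auth 2024-03-01T09:01:10 host=192.168.1.10 sshd: Failed password for admin from 10.0.0.5",
    "auth 2024-03-01T09:01:12 host=192.168.1.10 sshd: Failed password for admin from 10.0.0.5",
    "auth 2024-03-01T09:01:15 host=192.168.1.10 sshd: Accepted password for admin from 10.0.0.5",
    "fw 2024-03-01T09:05:00 ALLOW 192.168.1.10:51000 -> 203.0.113.9:443 bytes=52000000",
    "ids 2024-03-01T09:02:00 10.0.0.77 -> 192.168.1.20 SCAN: TCP portsweep",
]

def normalize(line):
    """Map one raw line to a common (time, actor, target, stage) tuple; None if no stage matched."""
    src, ts, rest = line.split(" ", 2)
    stage = next((s for key, s in STAGE_OF if key in rest), None)
    if stage is None:
        return None
    if src == "ids":                       # "actor -> target ..."
        actor, target = re.match(r"(\S+) -> (\S+)", rest).groups()
    elif src == "auth":                    # "host=target ... from actor"
        target = re.search(r"host=(\S+)", rest).group(1)
        actor = re.search(r"from (\S+)", rest).group(1)
    else:                                  # fw: "ALLOW actor:port -> target:port ..."
        actor, target = re.search(r"(\S+):\d+ -> (\S+):\d+", rest).groups()
    return (ts, actor, target, stage)

def build_tracks(lines):
    """Aggregate repeated events and chain them into per-attacker tracks, following pivots."""
    events = sorted(filter(None, map(normalize, lines)))   # time order across all sources
    owner = {}                      # compromised host -> attacker whose track it belongs to
    tracks = defaultdict(list)      # attacker -> [(stage, target, count), ...]
    for ts, actor, target, stage in events:
        attacker = owner.get(actor, actor)   # pivot: a compromised host acts for its attacker
        track = tracks[attacker]
        if track and track[-1][:2] == (stage, target):
            track[-1] = (stage, target, track[-1][2] + 1)   # aggregation of duplicate events
        else:
            track.append((stage, target, 1))
        if stage == "access":
            owner[target] = attacker
    return dict(tracks)
```

Running `build_tracks(SAMPLE_LINES)` yields one track for 10.0.0.5 that runs recon, brute force, access and then exfiltration via the compromised host, and a separate single-stage track for 10.0.0.77.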
