Decision support system for zero-day attack response

Authors: Huy Kang Kim, Soo Kyun Kim, Seok Hun Kim

Abstract: Regardless of the existence of various information security safeguards, many companies remain vulnerable to unknown attack, which is known as zero-day attack. In this study, we develop a decision support system (DSS) using case-based reasoning (CBR) for attack response. Also, our proposed DSS divides attacks into atomic attacks for zero-day detection. Then, it analyzes the similarity between a new pattern and patterns. Finally, it suggests the most similar cases by applying the functions of CBR. The effectiveness is further shown in an empirical test.
