Enriching Intrusion Alerts Through Multi-Host Causality.

Authors: Dominic G. Lucchetti, Peter M. Chen, Zhuoqing Morley Mao, Samuel T. King

DOI:

Keywords:

Abstract:

References (14)
Vern Paxson, Yin Zhang. Detecting stepping stones. USENIX Security Symposium, pp. 13-13 (2000).
D. Senie, P. Ferguson. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC 2827-BCP 38, vol. 2267, pp. 1-10 (1998).
Stefan Savage, David Wetherall, Anna Karlin, Tom Anderson. Practical network support for IP traceback. ACM Special Interest Group on Data Communication, vol. 30, pp. 295-306 (2000). doi:10.1145/347057.347560
Leslie Lamport. Time, clocks, and the ordering of events in a distributed system. Concurrency and Computation: Practice and Experience, pp. 179-196 (2019). doi:10.1145/3335772.3335934
Ningning Zhu, Tzi-Cker Chiueh. Design, implementation, and evaluation of repairable file service. Dependable Systems and Networks, pp. 217-226 (2003). doi:10.1109/DSN.2003.1209932
Alfonso Valdes, Keith Skinner. Probabilistic Alert Correlation. Recent Advances in Intrusion Detection, pp. 54-68 (2001). doi:10.1007/3-540-45474-8_4
D. Wagner, R. Dean. Intrusion detection via static analysis. IEEE Symposium on Security and Privacy, pp. 156-168 (2001). doi:10.1109/SECPRI.2001.924296
Xinyuan Wang, Douglas S. Reeves. Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays. Computer and Communications Security, pp. 20-29 (2003). doi:10.1145/948109.948115
Peng Ning, Yun Cui, Douglas S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. Proceedings of the 9th ACM Conference on Computer and Communications Security - CCS '02, pp. 245-254 (2002). doi:10.1145/586110.586144
P. Ammann, S. Jajodia, Peng Liu. Recovery from malicious transactions. IEEE Transactions on Knowledge and Data Engineering, vol. 14, pp. 1167-1185 (2002). doi:10.1109/TKDE.2002.1033782