Intrusion diagnosis and prediction with expert system

Authors: Xuejiao Liu, Chengfang Fang, Debao Xiao

DOI: 10.1002/SEC.293

Keywords:

Abstract: Network diagnosis and attack prediction can help the network administrator to take timely actions to defend against well-planned attacks that exploit a chain of vulnerabilities. One important data source for such analysis is alerts generated by intrusion detection systems (IDS) deployed over the network. However, IDS typically generates overwhelming amount of alerts, where one cannot simply aggregate or discard. In addition, the chance of a successful attack depends on many hidden factors such as system status and attacker power, thus dependencies among exploits and conditions are too complicated to analyze under probability framework. In this paper, we employ expert system to deal with uncertainties and conduct certainty factor inference. We show that inference in fuzzy expert system is tractable and propose an algorithm to predict potential attacks. Finally, we give a case study to illustrate our algorithm and evaluate the effectiveness of our approach with DARPA data sets. Copyright © 2011 John Wiley & Sons, Ltd.

References (30)
Alok Tongaonkar, R. Sekar, Sreenaath Vasudevan. Fast packet classification for Snort by native compilation of rules. usenix large installation systems administration conference, pp. 159-165 (2008).
Lingyu Wang, Tania Islam, Tao Long, Anoop Singhal, Sushil Jajodia. An Attack Graph-Based Probabilistic Security Metric. Proceedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security, vol. 5094, pp. 283-296 (2008). DOI: 10.1007/978-3-540-70567-3_22
Xinzhou Qin, Wenke Lee. Attack plan recognition and prediction using causal networks. annual computer security applications conference, pp. 370-379 (2004). DOI: 10.1109/CSAC.2004.7
Steven Noel, Sushil Jajodia. Managing attack graph complexity through visual hierarchical aggregation. visualization for computer security, pp. 109-118 (2004). DOI: 10.1145/1029208.1029225
Eghbal G. Mansoori, Mansoor J. Zolghadri, Seraj D. Katebi. A weighting function for improving fuzzy classification systems performance. Fuzzy Sets and Systems, vol. 158, pp. 583-591 (2007). DOI: 10.1016/J.FSS.2006.10.004
David E. Heckerman, Edward H. Shortliffe. From certainty factors to belief networks. Artificial Intelligence in Medicine, vol. 4, pp. 35-52 (1992). DOI: 10.1016/0933-3657(92)90036-O
Paul Ammann, Duminda Wijesekera, Saket Kaushik. Scalable, graph-based network vulnerability analysis. Proceedings of the 9th ACM conference on Computer and communications security - CCS '02, pp. 217-224 (2002). DOI: 10.1145/586110.586140
Oscar Cordón, María José del Jesus, Francisco Herrera. A proposal on reasoning methods in fuzzy rule-based classification systems. International Journal of Approximate Reasoning, vol. 20, pp. 21-45 (1999). DOI: 10.1016/S0888-613X(00)88942-2
Yuan-Hsin Tung, Shian-Shyong Tseng, Jui-Feng Weng, Tsung-Ping Lee, Anthony Y.H. Liao, Wen-Nung Tsai. A rule-based CBR approach for expert finding and problem diagnosis. Expert Systems With Applications, vol. 37, pp. 2427-2438 (2010). DOI: 10.1016/J.ESWA.2009.07.037