Graph-based fusing of heterogeneous alerts
作者: Chen Zhengzhang , Tang Luan , Jiang Guofei , Chen Haifeng , Li Zhichun
DOI:
关键词:
摘要: Methods and systems for reporting anomalous events include intra-host clustering a set of alerts based on process graph that models states process-level in network. Hidden relationship is performed the clustered hidden relationships between respective clusters. Inter-host topology source destination connection exceed threshold level trustworthiness are reported.
lens.org 参考文章(14)
Matthew Barton Wolf, Broadband eddy current probe ,(2013)
Tao Lv, Alarm correlation analysis method, apparatus, and system ,(2014)
Elan Pavlov, Yonatan Striem Amit, Method and Apparatus for Classifying and Combining Computer Attack Information ,(2013)
Thayne Richard Coffman, Intelligent intrusion detection system utilizing enhanced graph-matching of network activity with context data ,(2006)
Kenji Yoshihira, Guofei Jiang, Haifeng Chen, Ranking the importance of alerts for problem determination in large systems ,(2009)
James S. Binder, Ali Golshan, Systems and methods for virtualization and emulation assisted malware detection ,(2012)
Seyed Hossein Ahmadinejad, Saeed Jalili, Mahdi Abadi, A hybrid model for correlating alerts of known and unknown attack scenarios and updating attack graphs Computer Networks. ,vol. 55, pp. 2221- 2240 ,(2011) , 10.1016/J.COMNET.2011.03.005
Yu-Chun Chen, Paul A. Kohl, Photosensitive sacrificial polymer with low residue Microelectronic Engineering. ,vol. 88, pp. 3087- 3093 ,(2011) , 10.1016/J.MEE.2011.05.034
Yizhou Sun, Jiawei Han, Mining heterogeneous information networks: a structural analysis approach Sigkdd Explorations. ,vol. 14, pp. 20- 28 ,(2013) , 10.1145/2481244.2481248
Sandro Etalle, Damiano Bolzoni, Method and system for alert classification in a computer network ,(2010)