A Similarity Model to Estimate Attack Strategy Based on Intentions Analysis for Network Forensics

Authors: Aman Jantan, Mohammad Rasmi, Mohd Izham Ibrahim, Azri H. A. Rahman

DOI: 10.1007/978-3-642-34135-9_34

Abstract: Attack analysis acts as a center of gravity in network forensics to resolve the cyber crime cases. Nowadays, strategies have increasingly become more complicated in the digital world. This paper proposes a new model to estimate similar attack strategy with others. The model uses the cosine similarity method, and it depends on intention as an effected factor to identify the strategy. The probability values accuracy detection conducted from Attack Intention Analysis (AIA) algorithm. The experiments were performed on a virtual case to evaluate the proposed model. From observation, the model can reduce the time and processing cost of decision-making at the investigation phase. In addition, it maximizes estimation.
