Asset Risk Scoring in Enterprise Network with Mutually Reinforced Reputation Propagation

Authors: Xin Hu, Ting Wang, Marc Ph Stoecklin, Douglas L. Schales, Jiyong Jang

DOI: 10.1109/SPW.2014.18

Abstract: Cyber security attacks are becoming ever more frequent and sophisticated. Enterprises often deploy several protection mechanisms, such as anti-virus software, intrusion detection and prevention systems, and firewalls, to protect their critical assets against emerging threats. Unfortunately, these systems are typically "noisy", e.g., regularly generating thousands of alerts every day. Plagued by false positives and irrelevant events, it is neither practical nor cost-effective to analyze and respond to every single alert. The main challenge faced by enterprises is to extract important information from the plethora of alerts and to infer potential risks to their assets. A better understanding of risks will facilitate effective resource allocation and prioritization of further investigation. In this paper, we present MUSE, a system that analyzes a large number of alerts and derives risk scores by correlating diverse entities in an enterprise network. Instead of considering a risk as an isolated and static property, MUSE models the dynamics of a risk based on a mutual reinforcement principle. We evaluate MUSE with real-world network traces from an enterprise network, and demonstrate its efficacy in risk assessment and its flexibility in incorporating a wide variety of data sets.
