A realistic graph-based alert correlation system

Cited by: 27
Authors
Ben Fredj, Ouissem [1]
Affiliations
[1] Taif Univ, At Taif, Saudi Arabia
Keywords
security; correlation; attack graph; Markov chain;
DOI
10.1002/sec.1190
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
This paper introduces a graph-based attack description that comes with different analysis methods for alert correlation. The system encompasses an attack scenario detection method, an alert correlation method that recognizes multistep attacks, and a graph-based classification method to extract different types of alerts. The performance analysis shows that the system can correlate a huge number of alerts (more than 442000 alerts) into dozens of attack graphs. The attack graph has permitted us to extract several attack properties with high precision. Copyright (c) 2015 John Wiley & Sons, Ltd.
Pages: 2477 / 2493
Number of pages: 17
Related papers
50 in total
  • [1] On the Alert Correlation Process for the Detection of Multi-step Attacks and a Graph-based Realization
    Haas, Steffen
    Fischer, Mathias
    APPLIED COMPUTING REVIEW, 2019, 19 (01): : 5 - 19
  • [2] GAC: Graph-Based Alert Correlation for the Detection of Distributed Multi-Step Attacks
    Haas, Steffen
    Fischer, Mathias
    33RD ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, 2018, : 979 - 988
  • [3] GRAPH-BASED RECOMMENDATION SYSTEM
    Yang, Kaige
    Toni, Laura
    2018 IEEE GLOBAL CONFERENCE ON SIGNAL AND INFORMATION PROCESSING (GLOBALSIP 2018), 2018, : 798 - 802
  • [4] Alert Correlation Analysis Based on Attack Path Graph
    Zhang, Daojuan
    Qian, Kexiang
    Zhang, Peng
    Mao, Shu
    Wu, Hongbin
    2017 IEEE CONFERENCE ON ENERGY INTERNET AND ENERGY SYSTEM INTEGRATION (EI2), 2017,
  • [5] A New Alert Correlation Algorithm Based on Attack Graph
    Roschke, Sebastian
    Cheng, Feng
    Meinel, Christoph
    COMPUTATIONAL INTELLIGENCE IN SECURITY FOR INFORMATION SYSTEMS, 2011, 6694 : 58 - 67
  • [6] A graph-based information retrieval system
    Thammasut, Duangjai
    Sornil, Ohm
    2006 INTERNATIONAL SYMPOSIUM ON COMMUNICATIONS AND INFORMATION TECHNOLOGIES,VOLS 1-3, 2006, : 793 - +
  • [7] A graph-based table recognition system
    Rahgozar, MA
    Cooperman, R
    DOCUMENT RECOGNITION III, 1996, 2660 : 192 - 203
  • [8] Graph-based Question Answering System
    Mital, Piyush
    Agrawal, Saurabh
    Neti, Bhargavi
    Haribhakta, Yashodhara
    Kamble, Vibhavari
    Bhattacharjee, Krishnanjan
    Das, Debashri
    Mehta, Swati
    Kumar, Ajai
    2018 INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATIONS AND INFORMATICS (ICACCI), 2018, : 1798 - 1802
  • [9] GRAPH-BASED ANALYSIS OF THE CORRELATION BETWEEN MOBILITY AND TELECOMMUNICATION
    Tajabadi, Roya Esmaeili
    Pahlavani, Parham
    Milaghardan, Amin Hosseinpoor
    GEODETSKI VESTNIK, 2023, 67 (01) : 40 - 57
  • [10] Graph-based Correlation of SNMP Objects for Anomaly Detection
    Zarpelao, Bruno Bogaz
    Mendes, Leonardo de Souza
    Proenca, Mario Lemes, Jr.
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2006, 6 (5B): : 194 - 202