A realistic graph-based alert correlation system

Cited by: 27
Author
Ben Fredj, Ouissem [1]
Affiliation
[1] Taif Univ, At Taif, Saudi Arabia
Keywords
security; correlation; attack graph; Markov chain;
DOI
10.1002/sec.1190
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
This paper introduces a graph-based attack description that comes with different analysis methods for alert correlation. The system encompasses an attack scenario detection method, an alert correlation method that recognizes multistep attacks, and a graph-based classification method to extract different types of alerts. The performance analysis shows that the system can correlate a huge number of alerts (more than 442000 alerts) into dozens of attack graphs. The attack graph has permitted us to extract several attack properties with high precision. Copyright (c) 2015 John Wiley & Sons, Ltd.
Pages: 2477 / 2493
Page count: 17