首页> 外文会议> >Assessing Attack Threat by the Probability of Following Attacks
【24h】

Assessing Attack Threat by the Probability of Following Attacks

机译:通过后续攻击的可能性评估攻击威胁

获取原文
获取原文并翻译 | 示例

摘要

In this paper a novel approach to assessing the threat of network intrusions is proposed. Unlike the present approaches which assess the attack threat either from a backward perspective (how probable a security state can be reached) or from the perspective of the attacks themselves (how much an attack would cause damage to the network), this approach assesses the attack threat from a forwarding perspective (how probable it would be the precursor of future attacks). First, to every attack type and some attack scenarios, their probabilities of having following attacks(PFAs) are calculated by a data mining algorithm. Then the threats of real time intrusions are assessed by these probabilities. The result of the threat assessment can help identify the intrusion alerts which would be the best evidence for the coming attacks from tremendous amount of intrusion alerts, thus this approach can be used for intrusion prediction. The approach is validated by DARPA 2000 and DARPA 1999 intrusion detection evaluation datasets.
机译:在本文中,提出了一种评估网络入侵威胁的新颖方法。与目前从后方(达到安全状态的可能性)或从攻击本身(从多大程度的攻击将对网络造成破坏)的角度评估攻击威胁的方法不同,该方法评估了攻击从转发的角度来看威胁(未来攻击的先兆)。首先,针对每种攻击类型和某些攻击场景,通过数据挖掘算法计算其遭受后续攻击(PFA)的概率。然后,通过这些概率评估实时入侵的威胁。威胁评估的结果可帮助识别入侵警报,这将是来自大量入侵警报的即将发生的攻击的最佳证据,因此该方法可用于入侵预测。该方法已通过DARPA 2000和DARPA 1999入侵检测评估数据集验证。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号