首页> 外文会议>Communication, Network, and Information Security >DISCOVERING ATTACK STRUCTURES USING BEHAVIOR DRIVEN ALERT CORRELATION WITH DYNAMIC VISUALIZATION OF NETWORK INTRUSIONS

【24h】

DISCOVERING ATTACK STRUCTURES USING BEHAVIOR DRIVEN ALERT CORRELATION WITH DYNAMIC VISUALIZATION OF NETWORK INTRUSIONS

机译：利用行为驱动的警报关联和网络入侵的动态可视化发现攻击结构

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The existing Intrusion Detection Systems often generate alerts that represent only a sub attack of the attack, which the attacker is trying to accomplish. There is no work previously been carried out to implicitly link alerts together to discover attack plans from generated alerts. This paper proposes the system frame-work for behavior driven dynamic visual intrusion detection system that can be used to find out implicit relationships among alerts and discover attack plans which consist of smaller attacks, carried out in some particular sequential order. The paper also talks about how dynamic visualization along with the static visualization can be used for the visualization of alert and attack structures.

机译：现有的入侵检测系统通常会生成警报，这些警报仅表示攻击者试图完成的攻击的子攻击。以前没有进行过将隐式链接到一起以从生成的警报中发现攻击计划的工作。本文提出了行为驱动的动态视觉入侵检测系统的系统框架，该系统可用于发现警报之间的隐式关系并发现以较小的攻击顺序执行的由较小的攻击组成的攻击计划。本文还讨论了如何将动态可视化与静态可视化一起用于警报和攻击结构的可视化。

著录项

来源
《Communication, Network, and Information Security》|2005年|P.55-63|共9页
会议地点
作者
Aurangzieb Zieb Rana; Mao Lin Huang; Tom Hintz;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算机网络;通信;
关键词
information visualization; dynamic visualization; static visualization; intrusion detection systems;

机译：信息可视化;动态可视化;静态可视化;入侵检测系统;
入库时间 2022-08-26 14:10:49

相似文献

外文文献
中文文献
专利

1. Discovering Attack Scenarios via Intrusion Alert Correlation Using Graph Convolutional Networks [J] . Cheng Qiumei, Wu Chunming, Zhou Shiying IEEE communications letters . 2021,第5期

机译：通过使用图形卷积网络通过入侵警报相关性发现攻击场景
2. Alert Correlation for Detecting Cyber-Manufacturing Attacks and Intrusions [J] . Journal of Computing and Information Science in Engineering . 2020,第1期

机译：用于检测网络制造攻击和入侵的警报关联
3. Intrusion alert prioritisation and attack detection using post-correlation analysis [J] . Riyanat Shittu, Alex Healing, Robert Ghanea-Hercock, Computers & Security . 2015,第may期

机译：使用后相关分析的入侵警报优先级和攻击检测
4. DISCOVERING ATTACK STRUCTURES USING BEHAVIOR DRIVEN ALERT CORRELATION WITH DYNAMIC VISUALIZATION OF NETWORK INTRUSIONS [C] . Aurangzieb Zieb Rana, Mao Lin Huang, Tom Hintz, IASTED International Conference on Communication, Network, and Information Security . 2005

机译：使用与网络入侵的动态可视化的行为驱动警报相关性发现攻击结构
5. Visualization of Intrusion Alerts for Network Security Monitoring and Analysis via Heuristic Host Selection. [D] . Shiravi-Khozani, Hadi. 2011

机译：通过启发式主机选择可视化入侵警报，以进行网络安全监视和分析。
6. Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks [O] . Riaz Ahmed Shaikh, Hassan Jameel, Brian J. d’Auriol, 2009

机译：无线传感器网络协同分布式入侵检测方案的入侵感知警报验证算法
7. A framework for correlation and aggregation of security alerts in communication networks. A reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective. [O] . Alserhani Faeiz 2011

机译：通信网络中安全警报的关联和聚合框架。一种推理相关和聚合方法，可使用网络入侵检测系统（NIDS）生成的基本警报来检测多阶段攻击情形，以实现全球安全性。

DISCOVERING ATTACK STRUCTURES USING BEHAVIOR DRIVEN ALERT CORRELATION WITH DYNAMIC VISUALIZATION OF NETWORK INTRUSIONS

摘要

著录项

相似文献

相关主题

期刊订阅