Graph-based malicious login events investigation

机译：基于图的恶意登录事件调查

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

A large body of research has been accomplished on detecting malicious events, attacks, threats, or botnets. Different techniques and approaches have been proposed to detect them such as machine-learning-based, or rule-based. However, there is a lack of sophisticated techniques for investigating malicious events and understanding the root cause of attacks. In this paper, we propose a knowledge discovery approach for investigating and visualizing malicious authentication events. The approach is based on data mining techniques on attacks in order to extract the behavior of malicious authentication. We also propose a novel graph-based representation method that helps highlight attack scenarios. The evaluation is performed on a publicly available large dataset, where we analyze behavior of malicious authentication events. The results are useful for security experts in order to improve the existing solutions by making them robust.

机译：关于检测恶意事件，攻击，威胁或僵尸网络的大量研究已经完成。已经提出了不同的技术和方法来检测它们，例如基于机器学习的或基于规则的。但是，缺乏用于调查恶意事件和了解攻击根本原因的复杂技术。在本文中，我们提出了一种用于调查和可视化恶意身份验证事件的知识发现方法。该方法基于针对攻击的数据挖掘技术，以提取恶意身份验证的行为。我们还提出了一种新颖的基于图的表示方法，可帮助突出显示攻击情形。评估是在可公开获得的大型数据集上进行的，我们在其中分析恶意身份验证事件的行为。该结果对于安全专家而言非常有用，可以通过使其健壮性来改进现有解决方案。

著录项

来源
《IFIP/IEEE Symposium on Integrated Network and Service Management》|2019年|63-66|共4页
会议地点
作者
Faouzi Amrouche; Sofiane Lagraa; Georgios Kaiafas; Radu State;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Authentication; Gold; Analytical models; Visualization; Tools; Computational modeling;

机译：认证;金;分析模型;可视化;工具;计算模型;

相似文献

外文文献
中文文献
专利

1. Detecting malicious logins as graph anomalies [J] . Powell Brian A. Journal of information security and applications . 2020,第Octa期

机译：检测恶意登录作为图形异常
2. On the Detection of Malicious Behaviors against Introspection Using Hardware Architectural Events [J] . Huaizhe ZHOU, Haihe BA, Yongjun WANG, IEICE transactions on information and systems . 2020,第1期

机译：利用硬件体系结构事件检测针对自省的恶意行为
3. Malicious Events Grouping via Behavior Based Darknet Traffic Flow Analysis [J] . Pang Shaoning, Komosny Dan, Zhu Lei, Wireless personal communications: An Internaional Journal . 2017,第4期

机译：通过基于行为的Darknet流量分析进行恶意事件进行分组
4. Graph-based malicious login events investigation [C] . Faouzi Amrouche, Sofiane Lagraa, Georgios Kaiafas, IFIP/IEEE Symposium on Integrated Network and Service Management . 2019

机译：基于图形的恶意登录活动调查
5. CacheLight: A Lightweight Approach for Preventing Malicious Use of Cache Locking Mechanisms [D] . Gutierrez, Mauricio Gutierrez 2018

机译：CacheLight：防止恶意使用缓存锁定机制的轻量级方法
6. Optimizing graph-based patterns to extract biomedical events from the literature [O] . Haibin Liu, Karin Verspoor, Donald C Comeau, 2015

机译：优化基于图的模式以从文献中提取生物医学事件
7. nyk of the Lviv University. Series Law KEYWORDS abuse of authority, abuse of power, abuse of official status, abuse of office acts of the European Union, international legal regulation, employment, right to free movement advocacy, advocate activity, advocacy science, advocatologie, theory of advocacy appeal proceeding, grounds to judgement revision, inconsistency of the court’s findings at first instance with the actual circumstances of the criminal proceedings, cancellation or alteration of the judgment charity organization, founder, assets of charity organization, constituent documents criminal proceedings, subjects of criminal proceedings, the suspect, the suspect law, criminal procedure, international standards employer’s duty, right to the moral injury compensation, social insurance from an industrial accident, social need, labour dispute forms of the legal actions of the collective of employees historical and legal science department, scientific activity law enforcement equipment, individual legal act, the means of forming the content of the enforcement act, requirements for registration of individual legal act attributes (properties) of acts of law legal formula (construction), qualified corpus delicti of a crime, degree of social danger, crime-forming feature legal social community legal technique, technology, legal act, legal system, lawmaking legitimacy, investigation of crime, concept of criminalistics, criminalistics recommendations, tactical methods measures aimed at providing criminal proceedings, procedural sanction, monetary penalty, pre-trial investigation national implementation, forms of implementation, implementation practice, European states, international treaties participant, shareholder, partnership, acquisition, changing, suspension proof, probability, likelihood, credibility in evidence, reliability scientific school, research, development land, agricultural and environmental law, Lviv Scientific School land, agricultural and environmental law the High Council of Justice of Ukraine, the National Council of Justice of the Republic of Poland, judges’ independence, international standards of the judiciary the presumption of the labor legal personality OPEN JOURNAL SYSTEMS Journal Help USER Username Password Remember me Login NOTIFICATIONS View Subscribe LANGUAGE Select LanguageSubmit JOURNAL CONTENT Search Search Scope Search Browse By Issue By Author By Title Other Journals FONT SIZE Make font size smallerMake font size defaultMake font size larger INFORMATION For Readers For Authors For Librarians HOME ABOUT LOGIN REGISTER SEARCH CURRENT ARCHIVES ANNOUNCEMENTS Home > No 67 (2018) > Марін ONCE AGAIN ON THE RETROACTIVE EFFECT OF THE CRIMINAL LAW IN TIME IN THE ASPECT OF INDIRECT CRIMINALIZATION [O] . Oleksandr Marin 2018

机译：LVIV大学的尼克。系列律师关键词滥用权威，滥用权力，滥用官方地位，滥用欧盟办公室行为，国际法律监管，就业，自由运动倡导，倡导活动，倡导科学，倡导性宣传理论，倡导呼吁的理论，理由修改，法院调查结果的不一致事实，判决慈善组织的实际情况，取消或改变判决慈善机构，慈善组织的创始人，慈善机构资产，组成文件刑事诉讼，刑事诉讼主题，嫌疑人，嫌疑法，刑事诉讼，国际标准雇主的责任，道德伤害赔偿权，社会保险从工业事故，社会需求，劳动争端形式的员工历史和法律科学部的法律行为，科学活动执法设备，个人法律法案，制定执法法案的内容，法律法律公式（建设）行为的个人法律法案（属性），犯罪的合格犯罪，社会危险程度，犯罪形成特征法律社会社会法律技术，技术，法律法，法律制度，立法合法性，犯罪调查，犯罪概念，犯罪建议，战术方法旨在提供刑事诉讼，程序制裁，货币罚款，预审调查预审国家实施，执行形式，实施实践，欧洲国家，国际条约参与者，股东，伙伴关系，收购，不断变化，暂停证明，概率，可能性，可信度在证据，可靠性科学学校，研究，开发土地，农业和环境法，利沃科学校园，农业和环境法律议理乌克兰的冰，波兰共和国国家司法委员会，法官的独立，国际标准的司法部门劳动法人的推定开放期刊系统期刊帮助用户用户名密码记住我登录通知查看订阅语言选择lobsumberubmit期刊内容搜索搜索范围搜索按问题浏览作者标题在间接刑事定罪方面，再次对刑法的追溯效应及时
8. Separation of Benign and Malicious Network Events for Accurate Malware Family Classification. [R] . Mohaisen, A., Zhang, Z., Mekky, H. 2015

机译：用于准确恶意软件家庭分类的良性和恶意网络事件的分离。

Graph-based malicious login events investigation

摘要

著录项

相似文献

相关主题

期刊订阅