A realistic graph-based alert correlation system

Cited by: 27
Authors
Ben Fredj, Ouissem [1]
Affiliation
[1] Taif Univ, At Taif, Saudi Arabia
Keywords
security; correlation; attack graph; Markov chain;
DOI
10.1002/sec.1190
CLC classification number
TP [Automation technology, computer technology];
Discipline code
0812;
Abstract
This paper introduces a graph-based attack description that comes with different analysis methods for alert correlation. The system encompasses an attack scenario detection method, an alert correlation method that recognizes multistep attacks, and a graph-based classification method that extracts different types of alerts. The performance analysis shows that the system can correlate a very large number of alerts (more than 442000) into dozens of attack graphs. The attack graph allowed several attack properties to be extracted with high precision. Copyright (c) 2015 John Wiley & Sons, Ltd.
Pages: 2477 - 2493
Page count: 17
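To make the idea of correlating individual IDS alerts into attack graphs concrete, the following is an added toy illustration. It is not the paper's algorithm and is not code from the author: the edge rule (a later alert is linked to an earlier one within a fixed time window when it shares the same source/target pair, or when the earlier alert's target becomes the later alert's source), the 600-second window, and the alert records are all assumptions made here. Connected components of the resulting graph play the role of "attack graphs", and counting signature-to-signature transitions along the edges gives a first-order Markov-chain estimate of the kind the keywords hint at.

```python
"""Toy graph-based alert correlation (added illustration, not the paper's method).

Assumed alert format (not from the page): dicts with ts (seconds), src, dst, sig.
"""
from collections import defaultdict, Counter

WINDOW = 600  # seconds; assumed correlation window, not a value from the paper

# Constructed sample alerts (synthetic, not real data): two multistep chains
# (scan -> exploit -> lateral move, scan -> exploit) plus one isolated scan.
ALERTS = [
    {"id": 1, "ts": 0,    "src": "10.0.0.5",    "dst": "10.0.1.10", "sig": "PORTSCAN"},
    {"id": 2, "ts": 120,  "src": "10.0.0.5",    "dst": "10.0.1.10", "sig": "EXPLOIT_SMB"},
    {"id": 3, "ts": 300,  "src": "10.0.1.10",   "dst": "10.0.1.20", "sig": "LATERAL_PSEXEC"},
    {"id": 4, "ts": 5000, "src": "10.0.9.9",    "dst": "10.0.1.30", "sig": "PORTSCAN"},
    {"id": 5, "ts": 5100, "src": "10.0.9.9",    "dst": "10.0.1.30", "sig": "EXPLOIT_SMB"},
    {"id": 6, "ts": 9999, "src": "192.168.1.1", "dst": "10.0.1.40", "sig": "PORTSCAN"},
]


def related(a, b):
    """Assumed edge rule: b follows a within WINDOW and either hits the same
    src->dst pair or starts from the host a attacked (pivot)."""
    if not (0 <= b["ts"] - a["ts"] <= WINDOW):
        return False
    return a["dst"] == b["src"] or (a["src"], a["dst"]) == (b["src"], b["dst"])


def build_graph(alerts):
    """Directed correlation graph: edges[a_id] -> list of later related alert ids."""
    alerts = sorted(alerts, key=lambda x: x["ts"])
    edges = defaultdict(list)
    for i, a in enumerate(alerts):
        for b in alerts[i + 1:]:
            if b["ts"] - a["ts"] > WINDOW:
                break  # sorted by time, so nothing later can be related
            if related(a, b):
                edges[a["id"]].append(b["id"])
    return alerts, edges


def attack_graphs(alerts):
    """Connected components of the correlation graph, as sorted id lists.
    Each component is one candidate attack graph; singletons are uncorrelated alerts."""
    alerts, edges = build_graph(alerts)
    undirected = defaultdict(set)
    for u, vs in edges.items():
        for v in vs:
            undirected[u].add(v)
            undirected[v].add(u)
    seen, comps = set(), []
    for a in alerts:
        if a["id"] in seen:
            continue
        stack, comp = [a["id"]], []
        while stack:
            n = stack.pop()
            if n in seen:
                continue
            seen.add(n)
            comp.append(n)
            stack.extend(undirected[n] - seen)
        comps.append(sorted(comp))
    return comps


def transition_probs(alerts):
    """First-order Markov estimate P(next signature | signature) from the edges."""
    alerts, edges = build_graph(alerts)
    sig = {a["id"]: a["sig"] for a in alerts}
    counts = defaultdict(Counter)
    for u, vs in edges.items():
        for v in vs:
            counts[sig[u]][sig[v]] += 1
    return {s: {t: c / sum(nxt.values()) for t, c in nxt.items()}
            for s, nxt in counts.items()}


if __name__ == "__main__":
    for g in attack_graphs(ALERTS):
        print("attack graph:", g)
    for s, nxt in transition_probs(ALERTS).items():
        print(s, "->", nxt)
```

On the constructed data the six alerts collapse into three components, two of which are multistep chains, and the transition table shows EXPLOIT_SMB always followed by LATERAL_PSEXEC. Note that the pivot rule also links the initial PORTSCAN directly to the later lateral move, so a real system would usually keep only nearest-successor edges or weight them by time gap.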