A realistic graph-based alert correlation system

Cited by: 27
Author
Ben Fredj, Ouissem [1]
Affiliation
[1] Taif Univ, At Taif, Saudi Arabia
Keywords
security; correlation; attack graph; Markov chain
DOI
10.1002/sec.1190
CLC (Chinese Library Classification) number
TP [Automation technology, computer technology]
Discipline code
0812
Abstract
This paper introduces a graph-based attack description that comes with different analysis methods for alert correlation. The system encompasses an attack scenario detection method, an alert correlation method that recognizes multistep attacks, and a graph-based classification method that extracts different types of alerts. The performance analysis shows that the system can correlate a huge number of alerts (more than 442,000) into dozens of attack graphs. The attack graphs allowed us to extract several attack properties with high precision. Copyright (c) 2015 John Wiley & Sons, Ltd.
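The abstract names three pieces (alert correlation into attack graphs, multistep-attack recognition, and classification of the resulting graphs) and lists Markov chains as a keyword. The following is an added toy illustration of how such a pipeline fits together; it is not the paper's code or its actual algorithm. It chains IDS alerts into a graph when one alert follows another within a time window on the same source/destination pair, or when the later alert's source is the earlier one's destination (lateral movement); each connected component is one attack graph; a first-order Markov chain over alert signatures is estimated from the graphs and used to score a candidate multistep scenario; and each graph is classified as isolated, single-target or multistep. The alert fields, signature names, IP addresses, the 600-second window and the linking rules are all assumptions made for this example, and the alert records are constructed, not real data.

```python
"""Toy graph-based alert correlation with a Markov chain over alert types.
Illustrative only: the linking rules and data are assumptions, not the paper's method."""
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Alert:
    ts: int    # seconds since epoch (constructed)
    src: str   # source IP
    dst: str   # destination IP
    sig: str   # IDS signature / alert type


# Constructed sample alerts: one multistep intrusion (scan -> brute force ->
# lateral exploit -> C2), one single-target probe, and one isolated anomaly.
SAMPLE_ALERTS = [
    Alert(100, "10.0.0.5", "10.0.0.20", "PORTSCAN"),
    Alert(160, "10.0.0.5", "10.0.0.20", "SSH_BRUTE"),
    Alert(400, "10.0.0.20", "10.0.0.30", "SMB_EXPLOIT"),
    Alert(460, "10.0.0.30", "203.0.113.9", "C2_BEACON"),
    Alert(105, "10.0.0.7", "10.0.0.21", "PORTSCAN"),
    Alert(170, "10.0.0.7", "10.0.0.21", "SSH_BRUTE"),
    Alert(250, "10.0.0.7", "10.0.0.21", "WEB_SCAN"),
    Alert(900, "192.0.2.4", "10.0.0.40", "DNS_ANOMALY"),
]

WINDOW = 600  # assumed: alerts further apart than this are never chained


def correlate(alerts, window=WINDOW):
    """Build attack graphs. Alert i links to a later alert j when j arrives
    within `window` and either shares i's (src, dst) pair or starts from i's
    destination. Each connected component is returned as one attack graph."""
    alerts = sorted(alerts, key=lambda a: a.ts)
    adj, edges = defaultdict(set), []
    for i, a in enumerate(alerts):
        for j in range(i + 1, len(alerts)):
            b = alerts[j]
            if b.ts - a.ts > window:
                break  # sorted by time, so nothing later can qualify
            if (a.src, a.dst) == (b.src, b.dst) or b.src == a.dst:
                edges.append((i, j))
                adj[i].add(j)
                adj[j].add(i)
    seen, graphs = set(), []
    for start in range(len(alerts)):  # DFS for connected components
        if start in seen:
            continue
        stack, comp = [start], []
        while stack:
            v = stack.pop()
            if v in seen:
                continue
            seen.add(v)
            comp.append(v)
            stack.extend(adj[v])
        comp.sort()  # index order == time order
        cset = set(comp)
        graphs.append({"alerts": [alerts[k] for k in comp],
                       "edges": [e for e in edges if e[0] in cset]})
    return graphs


def transition_matrix(graphs):
    """First-order Markov chain over signatures: P[a][b] is the fraction of
    times signature a was followed (in time) by b inside one attack graph."""
    counts = defaultdict(Counter)
    for g in graphs:
        sigs = [a.sig for a in g["alerts"]]
        for a, b in zip(sigs, sigs[1:]):
            counts[a][b] += 1
    return {a: {b: c / sum(nxt.values()) for b, c in nxt.items()}
            for a, nxt in counts.items()}


def scenario_likelihood(path, P):
    """Probability of a candidate multistep scenario under the chain; an
    unseen transition gives 0.0 (no smoothing in this toy)."""
    p = 1.0
    for a, b in zip(path, path[1:]):
        p *= P.get(a, {}).get(b, 0.0)
    return p


def classify(graph):
    """Label a graph: isolated (one alert), multistep (at least one lateral
    hop where an alert starts from the previous alert's destination), or
    single-target otherwise."""
    al = graph["alerts"]
    if len(al) == 1:
        return "isolated"
    lateral = any(b.src == a.dst and (a.src, a.dst) != (b.src, b.dst)
                  for a, b in zip(al, al[1:]))
    return "multistep" if lateral else "single-target"


if __name__ == "__main__":
    gs = correlate(SAMPLE_ALERTS)
    P = transition_matrix(gs)
    for g in gs:
        print(classify(g), [a.sig for a in g["alerts"]])
    print(scenario_likelihood(["PORTSCAN", "SSH_BRUTE", "SMB_EXPLOIT", "C2_BEACON"], P))
```

On the constructed data the eight alerts collapse into three graphs; the scan-to-beacon chain is labelled multistep because of the two lateral hops, and its scenario scores 0.5 under the estimated chain because SSH_BRUTE was followed by SMB_EXPLOIT in one graph and by WEB_SCAN in the other. Real deployments need a smoothed chain (unseen transitions should not score exactly zero) and linking rules tuned to the sensor's address semantics, which is where the engineering effort of systems like the one in the abstract goes.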
Pages: 2477 / 2493
Page count: 17
Related papers
50 in total
  • [31] Signed Graph-Based Image Transformation for Heterogeneous Change Detection
    Sun, Yuli
    Li, Ming
    Lei, Lin
    Li, Zhang
    Kuang, Gangyao
    IEEE TRANSACTIONS ON GEOSCIENCE AND REMOTE SENSING, 2025, 63
  • [32] On the Combining of Correlated Random Measures with Application to Graph-Based Receivers
    Knievel, Christopher
    Hoeher, Peter Adam
    Auer, Gunther
    IEEE COMMUNICATIONS LETTERS, 2012, 16 (12) : 1996 - 1999
  • [33] Complexity of Distance Fraud Attacks in Graph-Based Distance Bounding
    Trujillo-Rasua, Rolando
    MOBILE AND UBIQUITOUS SYSTEMS: COMPUTING, NETWORKING, AND SERVICES, 2014, 131 : 289 - 302
  • [34] Modified graph-based algorithm to analyze security threats in IoT
    Arat, Ferhat
    Akleylek, Sedat
    PEERJ COMPUTER SCIENCE, 2023, 9
  • [35] Infinite Feature Selection: A Graph-based Feature Filtering Approach
    Roffo, Giorgio
    Melzi, Simone
    Castellani, Umberto
    Vinciarelli, Alessandro
    Cristani, Marco
    IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, 2021, 43 (12) : 4396 - 4410
  • [36] Modified graph-based algorithm to analyze security threats in IoT
    Arat F.
    Akleylek S.
    PeerJ Computer Science, 2023, 9
  • [37] Latent Semantic Analysis and Graph Theory for Alert Correlation: A Proposed Approach for IoT Botnet Detection
    Lefoane, Moemedi
    Ghafir, Ibrahim
    Kabir, Sohag
    Awan, Irfan-Ullah
    El Hindi, Khalil
    Mahendran, Anand
    IEEE OPEN JOURNAL OF THE COMMUNICATIONS SOCIETY, 2024, 5 : 3904 - 3919
  • [38] THE RESEARCH OF QUANTITATIVE VULNERABILITY ASSESSMENT BASED ON ALERT CORRELATION GRAPHS
    Zhang, Yi
    Zhao, Bao
    Zhao, Kai
    2ND INTERNATIONAL SYMPOSIUM ON COMPUTER NETWORK AND MULTIMEDIA TECHNOLOGY (CNMT 2010), VOLS 1 AND 2, 2010, : 106 - 111
  • [39] A Graph-based Model for Malicious Software Detection Exploiting Domination Relations between System-call Groups
    Mpanti, Anna
    Nikolopoulos, Stavros D.
    Polenakis, Iosif
    COMPUTER SYSTEMS AND TECHNOLOGIES (COMPSYSTECH'18), 2018, 1641 : 20 - 26
  • [40] OutRank: A graph-based outlier detection framework using random walk
    Moonesinghe, H. D. K.
    Tan, Pang-Ning
    INTERNATIONAL JOURNAL ON ARTIFICIAL INTELLIGENCE TOOLS, 2008, 17 (01) : 19 - 36