Attack detection method based on spatiotemporal event correlation in intranet environment
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | zho |
Published: | Editorial Department of Journal on Communications, 2020-01-01 |
Series: | Tongxin xuebao |
Subjects: | |
Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2020001/ |
Summary: | Because using a single event as an attack detection feature leads to a higher false positive rate, an intranet attack detection method was proposed that uses a Bayesian network model for cross-space event correlation and a Kalman filter linear model for cross-temporal event correlation. Based on the method, a process query system was implemented, which can scan and correlate distributed network events according to the user's high-level process description. Experimental analysis shows that the proposed method can significantly reduce the false positive rate of intranet attack detection without increasing the computational overhead. |
---|---|
ISSN: | 1000-436X |