Research on discovering multi-step attack patterns based on clustering IDS alert sequences

Research on discovering multi-step attack patterns based on clustering IDS alert sequences

A method of discovering multi-step attack patterns from alert data was studied.Alert similarity function was defined to construct the set of attack activity sequences.Sequence alignment technology was used to cluster the similar attack activity sequences.Multi-step attack patterns in a cluster were...

Full description

Saved in:
Bibliographic Details
Main Authors: MEI Hai-bin1, GONG Jian1, ZHANG Ming-hua2
Format: Article
Language:zho
Published: Editorial Department of Journal on Communications 2011-01-01
Series:Tongxin xuebao
Subjects:
intrusion detection
alert correlation
multi-step attack
clustering
Online Access:http://www.joconline.com.cn/zh/article/74418776/
Tags: Add Tag
No Tags, Be the first to tag this record!

Similar Items

Similar Items