Title :
Network Threat Assessment Based on Alert Verification
Author :
Rongrong Xi ; Xiaochun Yun ; Jin, Shuyuan ; Zhang, Yongzheng
Author_Institution :
Inst. of Comput. Technol., Beijing, China
Abstract :
In the face of overwhelming alerts produced by firewalls or intrusion detection devices, it is difficult to assess the network threats that we face. In this paper, we propose a threat assessment approach to estimate the impact of attacks on the network. The approach employs the Common Vulnerability Scoring System to quantitatively assess network threats and further correlates alerts with contextual information to improve the accuracy of assessment. In the case studies, we demonstrate how the approach is applied in real networks. The experimental results show that the approach can make an accurate assessment of network threats.
Keywords :
authorisation; computer network security; alert verification; common vulnerability scoring system; firewalls; intrusion detection devices; network threat assessment; Computers; Databases; Intrusion detection; Network topology; Probes; Sensors; alert verification; quantitative assessment; threat assessment;
Conference_Title :
Parallel and Distributed Computing, Applications and Technologies (PDCAT), 2011 12th International Conference on
Conference_Location :
Gwangju
Print_ISBN :
978-1-4577-1807-6
DOI :
10.1109/PDCAT.2011.57