DocumentCode :
2918433
Title :
A novel algorithm SF for mining attack scenarios model
Author :
Li, Wang ; Zhi-tang, Li ; Jie, Lei ; Yao, Li
Author_Institution :
Dept. of Comput. Sci., Huazhong Univ. of Sci. & Technol., Wuhan
fYear :
2006
fDate :
Oct. 2006
Firstpage :
55
Lastpage :
61
Abstract :
A large volume of security data can overwhelm security managers and keep them from performing effective analysis and initiating timely response. Therefore, it is important to develop an advanced alert correlation system to reduce alert redundancy, intelligently correlate security alerts and detect attack strategies. In our system, we introduced a statistical filtering method in attack plan recognition. We apply statistical-based techniques to filter out separated and scattered attack behavior and mine frequent attack sequence patterns from the remainder. We use correlativity between two elements in frequent attack sequences to correlate the attack behavior and identify potential attack intentions based on it. We evaluate our approaches using DARPA 2000 data sets. The experiment shows that our approach can effectively discover attack scenarios in reality and provide a quantitative analysis of attack scenarios.
Keywords :
correlation methods; data mining; filtering theory; security of data; statistical analysis; advanced alert correlation system; attack plan recognition; data security; frequent attack sequence pattern mining; statistical filtering; Algorithm design and analysis; Computer science; Computer security; Correlation; Data security; Information security; Intelligent sensors; Intrusion detection; Performance analysis; Technology management;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
e-Business Engineering, 2006. ICEBE '06. IEEE International Conference on
Conference_Location :
Shanghai
Print_ISBN :
0-7695-2645-4
Type :
conf
DOI :
10.1109/ICEBE.2006.9
Filename :
4031633