A Security Event Correlation Algorithm Based On Attack Sequence
Authors
Dedong Zhang, Hongwei Wang, Kailiang Feng
Corresponding Author
Dedong Zhang
Available Online April 2017.
- DOI
- 10.2991/fmsmt-17.2017.17
- Keywords
- Security event, Attack sequence, Association analysis, Security operation center
- Abstract
This paper proposes a new multi-stage attack correlation method based on attack sequences. The algorithm first mines the attack sequences of network attack behaviors from a large number of security events, and then uses a membership function to analyze the correlation of the events that match a given attack pattern. The simulation results show that the algorithm can not only correlate multiple isolated security events in attack scenarios to detect composite attacks, but can also find the real security threats hidden in security events.
- Copyright
- © 2017, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Dedong Zhang
AU - Hongwei Wang
AU - Kailiang Feng
PY - 2017/04
DA - 2017/04
TI - A Security Event Correlation Algorithm Based On Attack Sequence
BT - Proceedings of the 2017 5th International Conference on Frontiers of Manufacturing Science and Measuring Technology (FMSMT 2017)
PB - Atlantis Press
SP - 81
EP - 86
SN - 2352-5401
UR - https://doi.org/10.2991/fmsmt-17.2017.17
DO - 10.2991/fmsmt-17.2017.17
ID - Zhang2017/04
ER -