Correlation in an intrusion detection process

@inproceedings{Cuppens2002CorrelationIA,
  title={Correlation in an intrusion detection process},
  author={Fr{\'e}d{\'e}ric Cuppens and Fabien Autrel and Alexandre Mi{\`e}ge and Salem Benferhat},
  year={2002}
}
Generally, the intruder must perform several actions, organized in an intrusion scenario, to achieve his or her malicious objective. We argue that intrusion scenarios can be modelled as a planning process and we suggest modelling a malicious objective as an attempt to violate a given security requirement. Our proposal is then to extend the definition of attack correlation presented in [2] to correlate attacks with intrusion objectives and to introduce the notion of anti correlation. These… CONTINUE READING
Highly Cited
This paper has 74 citations. REVIEW CITATIONS

Citations

Publications citing this paper.
Showing 1-10 of 44 extracted citations

74 Citations

01020'05'08'11'14'17
Citations per Year
Semantic Scholar estimates that this publication has 74 citations based on the available data.

See our FAQ for additional information.

Similar Papers

Loading similar papers…