Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts

@article{Wang2006UsingAG,
  title={Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts},
  author={Lingyu Wang and Anyi Liu and Sushil Jajodia},
  journal={Computer Communications},
  year={2006},
  volume={29},
  pages={2917-2933}
}
To defend against multi-step intrusions in high-speed networks, efficient algorithms are needed to correlate isolated alerts into attack scenarios. Existing correlation methods usually employ an in-memory index for fast searches among received alerts. With finite memory, the index can only be built on a limited number of alerts inside a sliding window. Knowing this fact, an attacker can prevent two attack steps from both falling into the sliding window by either passively delaying the second…
This paper has 176 citations.

Semantic Scholar estimates that this publication has 177 citations based on the available data.

References

Publications referenced by this paper.
Towards a theory of insider threat assessment

  • A. R. Chinchani and Iyer, H. Ngo, S. Upadhyay
  • in: Proceedings of the IEEE International…
  • 2005