Intrusion Scenario Dynamic Correlation Algorithm Based on Single Value Causality Diagram


Abstract:

To extract effective network intrusion alarm information and reveal the intentions of attackers, an intrusion scenario dynamic correlation algorithm based on the single-value causality diagram is proposed. Following the composition principle of the single-value causality diagram, the key factors of the cause-and-effect diagram are defined. By correlating the alarm information of an intrusion detection system, attack scenarios are constructed on the cause-and-effect diagram and corrected dynamically. The correlation algorithm is tested on the MIT Lincoln Laboratory data sets. The test results show that the reconstructed attack scenarios are highly consistent with the actual intrusion, demonstrating that the proposed algorithm correctly reflects the real intrusion process. This work gives security administrators effective support for implementing management measures.
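The alarm-correlation step described in the abstract, as an added example that is not the paper's own code: a small Python correlator that links each new IDS alert to earlier alerts whose consequences satisfy its preconditions on the same host, groups linked alerts into scenarios, and merges scenarios when a later alert ties two of them together (the dynamic-correction step). It uses a plain precondition/consequence rule table as a stand-in for the paper's single-value causality diagram; the alert names, rules, hosts, time window and sample alert stream are all constructed, loosely modeled on the phases of the MIT Lincoln Lab LLDOS 1.0 data set.

```python
"""Incremental causal correlation of IDS alerts into attack scenarios.

Added example, not code from the paper. It implements generic
precondition/consequence alert correlation, not the single-value
causality-diagram algorithm itself. Rules, hosts and alerts are constructed.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Constructed causal rules. "pre" are facts an alert needs to be explained,
# "post" are facts it establishes on the victim (dst) host. "pre_host" says
# whether preconditions are looked up on dst or on src: a DDoS launch FROM a
# host is explained by what was previously done TO that host.
RULES: Dict[str, dict] = {
    "icmp_sweep":      {"pre": set(),                         "post": {"host_alive"},      "pre_host": "dst"},
    "sadmind_ping":    {"pre": {"host_alive"},                "post": {"sadmind_running"}, "pre_host": "dst"},
    "sadmind_exploit": {"pre": {"sadmind_running"},           "post": {"root_shell"},      "pre_host": "dst"},
    "rcp_transfer":    {"pre": set(),                         "post": {"tool_staged"},     "pre_host": "dst"},
    "ddos_install":    {"pre": {"root_shell", "tool_staged"}, "post": {"ddos_agent"},      "pre_host": "dst"},
    "ddos_launch":     {"pre": {"ddos_agent"},                "post": set(),               "pre_host": "src"},
}
UNKNOWN = {"pre": set(), "post": set(), "pre_host": "dst"}
WINDOW = 3600  # seconds; a fact older than this no longer explains a new alert


@dataclass(frozen=True)
class Alert:
    id: int
    ts: int      # epoch seconds
    name: str
    src: str
    dst: str


class Correlator:
    def __init__(self) -> None:
        # fact -> host -> [(ts, alert_id)] of alerts that established the fact
        self.facts: Dict[str, Dict[str, List[Tuple[int, int]]]] = defaultdict(lambda: defaultdict(list))
        self.edges: List[Tuple[int, int]] = []          # (cause alert, effect alert)
        self.scenario_of: Dict[int, int] = {}           # alert id -> scenario id
        self.scenarios: Dict[int, Set[int]] = {}        # scenario id -> alert ids
        self.alerts: Dict[int, Alert] = {}

    def feed(self, a: Alert) -> int:
        """Consume one alert as it arrives; return the id of its scenario."""
        self.alerts[a.id] = a
        rule = RULES.get(a.name, UNKNOWN)
        host = a.src if rule["pre_host"] == "src" else a.dst
        # Causes: earlier alerts that established a needed fact on that host
        # recently enough. Any satisfied precondition yields a causal edge.
        causes = sorted({aid for fact in rule["pre"]
                         for ts, aid in self.facts[fact][host]
                         if 0 <= a.ts - ts <= WINDOW})
        self.edges.extend((c, a.id) for c in causes)
        # Scenario bookkeeping. No cause: the alert opens a new scenario.
        # Causes in several scenarios: the new alert proves they are one
        # intrusion, so merge them (the dynamic-correction step).
        sids = sorted({self.scenario_of[c] for c in causes})
        if not sids:
            sid = a.id
            self.scenarios[sid] = set()
        else:
            sid = sids[0]
            for other in sids[1:]:
                for aid in self.scenarios.pop(other):
                    self.scenario_of[aid] = sid
                    self.scenarios[sid].add(aid)
        self.scenarios[sid].add(a.id)
        self.scenario_of[a.id] = sid
        # Record what this alert makes possible for alerts that follow.
        for fact in rule["post"]:
            self.facts[fact][a.dst].append((a.ts, a.id))
        return sid

    def chain(self, sid: int) -> List[str]:
        """Alert names of one scenario in time order."""
        ids = sorted(self.scenarios[sid], key=lambda i: self.alerts[i].ts)
        return [self.alerts[i].name for i in ids]


def correlate(alerts: List[Alert]) -> Correlator:
    c = Correlator()
    for a in alerts:
        c.feed(a)
    return c


# Constructed alert stream: attacker 10.0.0.9 compromises 172.16.1.5 and
# launches a DDoS from it; alert 7 repeats the exploit too late to be linked.
SAMPLE_ALERTS = [
    Alert(1, 1000, "icmp_sweep",      "10.0.0.9",   "172.16.1.5"),
    Alert(2, 1300, "sadmind_ping",    "10.0.0.9",   "172.16.1.5"),
    Alert(3, 1700, "sadmind_exploit", "10.0.0.9",   "172.16.1.5"),
    Alert(4, 1900, "rcp_transfer",    "10.0.0.9",   "172.16.1.5"),  # opens its own scenario first
    Alert(5, 2100, "ddos_install",    "10.0.0.9",   "172.16.1.5"),  # needs 3 and 4: merges them
    Alert(6, 2500, "ddos_launch",     "172.16.1.5", "198.51.100.20"),
    Alert(7, 9999, "sadmind_exploit", "10.0.0.9",   "172.16.1.5"),  # outside WINDOW: unexplained
]

if __name__ == "__main__":
    corr = correlate(SAMPLE_ALERTS)
    for sid in sorted(corr.scenarios):
        print(sid, " -> ".join(corr.chain(sid)))
```

Alert 4 starts as a scenario of its own because nothing earlier explains a file transfer; alert 5 needs both a root shell and a staged tool, so it joins the two scenarios, which is the kind of revision a dynamic correlator must make as evidence arrives. Alert 7 stays isolated because its only possible cause is older than the window, which is what keeps stale facts from gluing unrelated intrusions together.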


Info:

Periodical: Advanced Materials Research (Volumes 926-930)

Pages: 3063-3067

Online since: May 2014

Copyright: © 2014 Trans Tech Publications Ltd. All Rights Reserved

[1] Liao Niandong. Research on a dynamic information security risk assessment model [D]. Beijing Jiaotong University, 2009.

[2] Liu Zhijie. An alarm correlation algorithm based on complex attack path graph [J]. Journal of Nanjing University, 2010, 46-48 (1): 56-63.

[3] Shi Qingxi. Causality diagram learning and reasoning algorithms [D]. Chongqing University, 2005.

[4] Fan Xinghua, Zhang Qin, et al. A reasoning algorithm for multi-valued causality diagrams [J]. Journal of Computers, 2003, 26 (3): 310-321.

[5] MIT Lincoln Laboratory. 2000 DARPA intrusion detection scenario specific data sets [EB/OL]. http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/2000/LLS_DDOS_1.0.html

[6] Wang Zhuo, Fan Jiulun. Intrusion scenario building based on hidden Markov model [J]. Computer Application Research, 2009, 26 (10): 3933-3937.

[7] Li Ke, Lian Yifeng. A DDoS-attack-oriented network security situation assessment method [J]. Computer Engineering and Applications, 2009, 45 (27): 88-91.

[8] Xiao Yun, Wang Xuanhong, et al. An intrusion alarm correlation method based on uncertain knowledge discovery [J]. Journal of Computer Applications, 2009, 29 (3): 808-812.