2010 13th International Conference on Information Fusion 2010
DOI: 10.1109/icif.2010.5712046

Clustering of multistage cyber attacks using significant services

Cited by 4 publications (3 citation statements)
References 8 publications
“…Analysing multi-Step attacks Alert clustering, alert merging and intent recognition [80], alert correlation framework [278], causal correlation [281], clustered adjacency matrices [285], divide and conquer framework [220], divisive hierarchical clustering algorithm [272], exploit dependency graph [73], other contributions include: [91,228,273,238,349,14,64,173,329] Attack path analysis…”
Section: Event Prediction (mentioning)
confidence: 99%
“…Graph based network vulnerability analysis [313], clustered adjacency matrices [285], ranked attack graph using PageRank [256], dependency attack graphs [344], optimal IDS placement [21,287], NetSPA [169], attack response graph [241] Predicting the impact of configuration settings Reverse graph traversal for identifying critical preconditions and vulnerabilities [403], ranked attack graph [256], adjacency matrix clustering method and reachability analysis [285], predictive graph [169,229,287], divisive hierarchical clustering algorithm [272] of a successful attack path. Each node in the graph represents a potential vulnerability and the preconditions and postconditions associated with the vulnerability.…”
Section: Optimal Device Configuration (mentioning)
confidence: 99%
“…They apply a double clustering followed by a loose application of LCS (Longest Common Subsequence). Moreover, Murphy uses a similarity matrix based on the services each attack exploits [14,15]. Clusters of alerts are extracted using Divisive Hierarchical Clustering (DHC) on a social network graph derived from the similarity matrix.…”
Section: Background and Related Work (mentioning)
confidence: 99%