2020
DOI: 10.1007/s10489-020-02007-5

Cyber intrusion detection through association rule mining on multi-source logs

citations
Cited by 20 publications
(8 citation statements)
references
References 31 publications
“…A complementary explanation of that phenomenon is that there is no affirmed threat model for microservices, e.g., due to the difficulty of making the model specific enough for microservices yet avoiding the infamous problem of threat explosion, where the effort required to prioritise and consider all threats starts exceeding the benefits of proposing methods to manage them Wuyts et al (2018). Threat explosion is a known problem of neighbouring areas to microservices, like cloud, edge, and fog computing (Di Francesco, Malavolta & Lago, 2017; Ibrahim, Bozhinoski & Pretschner, 2019; Guija & Siddiqui, 2018; Lou et al, 2020; Flora, 2020; Truong & Klein, 2020; Russinovich et al, 2021) where the authors resorted to defining smaller, customised threat models rather than adopting standard ones, due to the problem of requiring conspicuous adaptation efforts to tailor them to such complex and multifaceted architectures.…”
Section: Review Results (mentioning)
confidence: 99%
“…In Reference 73, the security log rule basis is important for security managers to perform vulnerability detection and intrusion detection. A technique based on an adaptive‐miner algorithm is provided to create a rule base for cyber ID.…”
Section: Intrusion Detection Systems (mentioning)
confidence: 99%
“…In [10] association rules were extracted from multi-source security logs (e.g., snort, firewall, and system logs) captured in a cloud environment to identify attackers' intrusion behaviour. Data were gathered through simulation of intrusion attacks.…”
Section: Related Work (mentioning)
confidence: 99%
“…As a result, attack patterns followed by attackers can be identified by correlating the executed commands. These attack patterns can be used either as part of an IDS to facilitate the detection of the attacks [10] or to further analyse the behaviour of attackers and extract insights.…”
Section: Pattern Identification Using Arl (mentioning)
confidence: 99%