Correlating intrusion events and building attack scenarios through attack graph distances

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn , Issue , 2004, Pages 350-359

  Noel, Steven ^a   Robertson, Eric ^a   Jajodia, Sushil ^a  

^a Krasnow Institute for Advanced Study   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

FILTER CONSTANT; GRAPH DISTANCES; INTRUSION EVENTS; ONLINE EVENT PROCESSING;

ALARM SYSTEMS; DATABASE SYSTEMS; INTERNET; QUALITY OF SERVICE; REAL TIME SYSTEMS; SECURITY OF DATA; SECURITY SYSTEMS; SERVERS;

CYBERNETICS;

EID: 21644481812     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2004.11     Document Type: Conference Paper

References (15)

1. F. Cuppens, A. Miege, "Alert Correlation in a Cooperative Intrusion Detection Framework," in Proceedings of the 2002 IEEE Symposium on Security and Privacy, May 2002.
2. th Annual Computer Security Applications Conference, Las Vegas, Nevada, December 2003.
3. th International Symposium on Recent Advances in Intrusion Detection, Davis, California, 2001.
4. O. Dain, R. Cunningham, "Building Scenarios from a Heterogenous Alert Stream," in Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, West Point, New York, June 2001.
5. P. Ning, D. Xu, C. Healey, R. St. Amant, "Building Attack Scenarios through Integration of Complementary Alert Correlation Methods," in Proceedings of the 11th Annual Network and Distributed System Security Symposium, February, 2004.
6. th Symposium on Recent Advances in Intrusion Detection, Zurich, Switzerland, October 2002.
7. th Annual Computer Security Applications Conference, Las Vegas, Nevada, December 2002.
8. th Annual Computer Security Applications Conference, Las Vegas, Nevada, December 2003.
9. S. Jajodia, S. Noel, B. O'Berry, "Topological Analysis of Network Attack Vulnerability," in Managing Cyber Threats: Issues, Approaches and Challenges, V. Kumar, J. Srivastava, A. Lazarevic (eds.), Kluwer Academic Publisher, 2004.
10. R. Ritchey, P. Ammann, "Using Model Checking to Analyze Network Vulnerabilities," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, 2000.
11. O. Sheyner, J. Haines, S. Jha, R. Lippmann, J. Wing, "Automated Generation and Analysis of Attack Graphs," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, 2002.
12. L. Swiler, C. Phillips, D. Ellis, S. Chakerian, "ComputerAttack Graph Generation Tool," in Proceedings of DARPA Information Survivability Conference & Exposition II, June 2001.
13. J. Dawkins, C. Campbell, J. Hale, "Modeling Network Attacks: Extending the Attack Tree Paradigm," in Proceedings of Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, Johns Hopkins University, June 2002.
14. th ACM Conference on Computer and Communications Security (CCS), Washington, DC, November 2002.
15. S. Noel, S. Jajodia, "Managing Attack Graph Complexity through Visual Hierarchical Aggregation," in Proceedings of the ACM CCS Workshop on Visualization and Data Mining for Computer Security, Fairfax, Virginia, 2004.