Discovering attack structures using behaviour driven alert correlation with dynamic visualization of network intrusions

ACTA Press
Publication Type: Conference Proceeding
Proceedings of the IASTED International conference on communication, network and information security, 2005, pp. 55 - 63
Existing intrusion detection systems often generate alerts that represent only a sub-attack of the attack that the attacker is trying to accomplish. No previous work has been carried out to implicitly link alerts together to discover attack plans from generated alerts. This paper proposes a system framework for a behavior-driven dynamic visual intrusion detection system that can be used to find implicit relationships among alerts and discover attack plans, which consist of smaller attacks carried out in a particular sequential order. The paper also discusses how dynamic visualization, together with static visualization, can be used to visualize alert and attack structures.