摘要
Limitations existed with current methods for attack intention recognition. For instance, they lacked compensatory intrusion evidences, cost enormous system resources and had low precision. To avoid the above flaws, a novel and effective method is proposed. The method generated compensatory intrusion evidences by fusing data from IDS and other security kits like scanner. Then, Bayesian-based attack scenarios were constructed where frequent attack patterns were identified using an efficient data-mining algorithm based on frequent patterns. Finally, attack paths were rebuilt by re-correlating frequent attack patterns mined in the scenarios to judge possible attack strategies precisely. The experimental results demonstrate the capability of the proposed method in rebuilding attack paths, recognizing attack intentions as well as in saving system resources.
| 源语言 | 英语 |
|---|---|
| 页(从-至) | 930-934 |
| 页数 | 5 |
| 期刊 | Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology |
| 卷 | 30 |
| 期 | 8 |
| 出版状态 | 已出版 - 8月 2010 |