The use of computer networks has become a necessity for government, industry, and personal businesses. Protection and defense against cyber attacks on computer networks, however, are becoming inadequate as attackers become more sophisticated and as the networks and systems become more complex. Drawing analogies from other application domains, this paper introduces information fusion to provide situation awareness and threat prediction from massive volumes of sensed data. An in-depth discussion is provided to define fusion tasks for cyber defense. A novel cyber fusion system is proposed specifically to address the tracking and projection of multistage attacks. Critical assessments of the developed attack tracking and threat projection sub-components are provided with simulation results. This pioneering work elaborates the benefits, limitations, and future challenges of high-level information fusion for cyber security.