A theory of multiple classifier systems and its application to visual word recognition
A theory of multiple classifier systems and its application to visual word recognition
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Two Formal Analys s of Attack Graphs
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Scenario graphs and attack graphs
Scenario graphs and attack graphs
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Automatic generation of attack scenarios for intrusion detection systems
AICT-ICIW '06 Proceedings of the Advanced Int'l Conference on Telecommunications and Int'l Conference on Internet and Web Applications and Services
Practical Attack Graph Generation for Network Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Minimum-cost network hardening using attack graphs
Computer Communications
An Event-Driven Architecture for Fine Grained Intrusion Detection and Attack Aftermath Mitigation
ECBS '07 Proceedings of the 14th Annual IEEE International Conference and Workshops on the Engineering of Computer-Based Systems
Identification of suspicious, unknown event patterns in an event cloud
Proceedings of the 2007 inaugural international conference on Distributed event-based systems
Proceedings of the 2007 inaugural international conference on Distributed event-based systems
Using Attack Graphs to Design Systems
IEEE Security and Privacy
Toward measuring network security using attack graphs
Proceedings of the 2007 ACM workshop on Quality of protection
Event-Driven Architecture for Intrusion Detection Systems Based on Patterns
SECURWARE '08 Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies
Core technology analysis and development for the virus and hacking prevention
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Polymorphic worm detection using structural information of executables
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Journal of Network and Systems Management
| Hi-index | 0.00 |
Complex multistep attacks are the most usual way of performing computer intrusions nowadays. Unfortunately, not many efforts have been done so far to cope with this kind of intrusions, especially considering possible mutations or changes that a given step may have in any complex attack. In this context, this paper describes the design and the first prototype of an architecture built to cope with complex attacks. It lays on a three-tier approach and makes use of events and patterns, as well as two probabilistic values to manage possible variations of an attack. An illustrative example for the directory traversal bug has been described in detail as well.