This paper presents a novel layered cyber-attack detection approach utilising: (1) semantic relationships between attacks to infer possible related suspicious network activities from connections between hosts; (2) contextual information expressed as attack context profiles on top of semantic relationships. The combined use of context and semantics in intrusion detection results in predicting attacks with higher accuracy while decreasing the number of false positives at the same time. A prototype system has been implemented and experiments have been conducted on it. The results exhibit higher or competitive detection rates compared with other existing approaches.