Proceedings of the 2017 5th International Conference on Frontiers of Manufacturing Science and Measuring Technology (FMSMT 2017)

A Security Event Correlation Algorithm Based On Attack Sequence

Authors
Dedong Zhang, Hongwei Wang, Kailiang Feng
Corresponding Author
Dedong Zhang
Available Online April 2017.
DOI
https://doi.org/10.2991/fmsmt-17.2017.17
Keywords
Security event, Attack sequence, Association analysis, Security operation center
Abstract
This paper proposes a new multi-stage attack correlation method based on attack sequences. The algorithm first mines the attack sequences of network attack behaviors from a large number of security events, and then uses a membership function to analyze the correlation of the events that match a certain attack pattern. The simulation results show that the algorithm can not only correlate multiple isolated security events in attack scenarios to detect composite attacks, but can also find the real security threats hidden in security events.
Open Access
This is an open access article distributed under the CC BY-NC license.

Cite this article

TY  - CONF
AU  - Dedong Zhang
AU  - Hongwei Wang
AU  - Kailiang Feng
PY  - 2017/04
DA  - 2017/04
TI  - A Security Event Correlation Algorithm Based On Attack Sequence
BT  - Proceedings of the 2017 5th International Conference on Frontiers of Manufacturing Science and Measuring Technology (FMSMT 2017)
PB  - Atlantis Press
SP  - 81
EP  - 86
SN  - 2352-5401
UR  - https://doi.org/10.2991/fmsmt-17.2017.17
DO  - https://doi.org/10.2991/fmsmt-17.2017.17
ID  - Zhang2017/04
ER  -