Towards high level attack scenario graph through honeynet data correlation analysis | |
Jianwei, Zhuge ; Xinhui, Han ; Yu, Chen ; Zhiyuan, Ye ; Wei, Zou | |
2006 | |
英文摘要 | Honeynet Data Analysis has become a core requirement of honeynet technology. However, current honeynet data analysis mechanisms are still unable to provide security analysts enough capacities of comprehend the captured data quickly, in particular, there is no work done on behavior level correlation analysis. Towards providing high level attack scenario graphs, in this paper, we propose a honeynet data correlation analysis model and method. Based on a network attack and defense knowledge base and network environment perceiving mechanism, our proposed honeynet data correlation analysis method can recognize the attacker\s plan from a large volume of captured data and consequently reconstruct attack scenarios. Two proof-of-concept experiments on Scan of the Month 27 dataset and inthe-wild botnet scenarios are presented to show the effectiveness of our method. ? 2006 IEEE.; EI; 0 |
语种 | 英语 |
内容类型 | 其他 |
源URL | [http://ir.pku.edu.cn/handle/20.500.11897/321481] |
专题 | 计算机科学技术研究所 |
推荐引用方式 GB/T 7714 | Jianwei, Zhuge,Xinhui, Han,Yu, Chen,et al. Towards high level attack scenario graph through honeynet data correlation analysis. 2006-01-01. |
个性服务 |
查看访问统计 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论