By Topic

Using Network Attack Graph to Predict the Future Attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Jie Lei ; Huazhong Univ. of Sci. & Technol., Wuhan ; Zhi-tang Li

An intrusion detection system (IDS) generates alerts indicating what malicious behaviors are going on against the protected network system. When comparing the real-time reported IDS alerts with the network attack graph which provides all possible sequences of exploits that an intruder may use to penetrate the system, some prediction on future attacks can be made. In this paper we proposed a novel approach to predicting future attacks. First an attack graph is generated through data mining and the predictability of every attack scenario which represents how probable there would be oncoming attacks following the attack scenario can be estimated. Then in real-time intrusion detection environment the IDS alerts are correlated into attack scenarios and ranked by their predictability scores. Finally the attack scenarios with high predictability are used as the evidence to make prediction on future attacks. The effectiveness of the approach has been validated with a honeynet system.

Published in:

Communications and Networking in China, 2007. CHINACOM '07. Second International Conference on

Date of Conference:

22-24 Aug. 2007