Intrusion activity projection for cyber situational awareness

5 Author(s)
Shanchieh J. Yang ; Department of Computer Engineering, Rochester Institute of Technology, USA ; Stephen Byers ; Jared Holsopple ; Brian Argauer

Previous works in the area of network security have emphasized the creation of intrusion detection systems (IDSs) to flag malicious network traffic and computer usage. Raw IDS data may be correlated and form attack tracks, each of which consists of ordered collections of alerts belonging to a single multi-stage attack. Assessing an attack track in its early stage may reveal the attacker's capability and behavior trends, leading to projections of future intrusion activities. Behavior trends are captured via variable length Markov models (VLMM) without predetermined attack plans. A virtual terrain schema is developed to model network and system configurations, and used to estimate critical elements and vulnerabilities exposed to each attacker given his/her progress. Experimental results show promises for these proactive measures in ensuring continuous and critical cyber operations.

Published in:

Intelligence and Security Informatics, 2008. ISI 2008. IEEE International Conference on

Date of Conference:

17-20 June 2008