By Topic

A Novel Probabilistic Matching Algorithm for Multi-Stage Attack Forecasts

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Bo-Chao Cheng ; Dept. of Commun. Eng., Nat. Chung-Cheng Univ., Chiayi, Taiwan ; Guo-Tan Liao ; Chu-Chun Huang ; Ming-Tse Yu

Current intrusion detection systems (IDSs) can only discover single-step attacks but not complicated multi-stage attacks. Therefore, it is not only important, but also challenging for security managers to correlate security alerts with specific patterns to predict a multi-stage attack. In this paper, we propose Judge Evaluation of Attack intensioN (JEAN), which inspects the security alerts in the network and provides a probabilistic approach for the projection of the multi-stage attack by measuring the difference between the stored and the actual multi-stage attack session graphs (ASG). The experimental results show that JEAN is able to project possible attacks with more accuracy than Longest Common Subsequence (LCS) based approaches on DARPA 2000 and DARPA GCP (Grand Challenge Problem) specific attack scenario datasets.

Published in:

Selected Areas in Communications, IEEE Journal on  (Volume:29 ,  Issue: 7 )