
Stateful Security Alert Correlation by Dynamic Bayesian Plan Graph (cited by: 1)
Abstract: The concept of stateful alert correlation and an alert correlation algorithm based on the dynamic Bayesian plan graph are proposed. The dynamic Bayesian plan graph builds on the plan graph by adding dynamic Bayesian network inference, and it explicitly represents system states and the mutual influence between states and attack actions. The algorithm handles uncertain information with Bayesian inference, quantitatively evaluates the security state of the system, and effectively eliminates false alarms.

Source: Acta Scientiarum Naturalium Universitatis Pekinensis (Journal of Peking University, Natural Science Edition); indexed in EI, CAS, CSCD, PKU Core; 2006, No. 1, pp. 127-132 (6 pages).

Keywords: alert correlation; intrusion detection; plan graph; dynamic Bayesian network
