Sciweavers

JCS
2002
100views more  JCS 2002»
14 years 8 days ago
STATL: An Attack Language for State-Based Intrusion Detection
STATL is an extensible state/transition-based attack description language designed to support intrusion detection. The language allows one to describe computer penetrations as seq...
Steve T. Eckmann, Giovanni Vigna, Richard A. Kemme...
ACSAC
2004
IEEE
14 years 4 months ago
Attack Plan Recognition and Prediction Using Causal Networks
Correlating and analyzing security alerts is a critical and challenging task in security management. Recently, some techniques have been proposed for security alert correlation. H...
Xinzhou Qin, Wenke Lee
ACSAC
2004
IEEE
14 years 4 months ago
Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances
We map intrusion events to known exploits in the network attack graph, and correlate the events through the corresponding attack graph distances. From this, we construct attack sc...
Steven Noel, Eric Robertson, Sushil Jajodia
DISCEX
2003
IEEE
14 years 5 months ago
Modeling Multistep Cyber Attacks for Scenario Recognition
Efforts toward automated detection and identification of multistep cyber attack scenarios would benefit significantly from a methodology and language for modeling such scenario...
Steven Cheung, Ulf Lindqvist, Martin W. Fong
ESORICS
2004
Springer
14 years 6 months ago
Discovering Novel Attack Strategies from INFOSEC Alerts
Abstract. Correlating security alerts and discovering attack strategies are important and challenging tasks for security analysts. Recently, there have been several proposed techni...
Xinzhou Qin, Wenke Lee