Predicting multi-stage attacks based on hybrid approach
Authors
Abstract
Multi-stage attacks can evolve dramatically, causing much loss and damage to organisations. These attacks are frequently instigated by exploiting actions which in isolation are legal, and are therefore particularly challenging to detect. Much research has been conducted in the multi-stage detection area in order to build a framework based on an events correlation approach. This paper proposes a framework that predicts multi-stage attacks based on a hybrid approach, which combines two techniques: IP information evaluation and process query system (PQS). This paper shows the analysis of three multi-stage attacks, detailing their steps and information hitherto unexploited in current intrusion detection systems. The paper also goes through the implementation of each technique used in the
Similar resources
A multi-stage stochastic programming for condition-based maintenance with proportional hazards model
Condition-Based Maintenance (CBM) optimization using Proportional Hazards Model (PHM) is a kind of maintenance optimization problem in which inspections of a system relevant to its failure rate depending on the age and value of covariates are performed in time intervals. The general approach for constructing a CBM based on PHM for a system is to minimize a long run average cost per unit of time...
A stochastic network design of bulky waste recycling – a hybrid harmony search approach based on sample approximation
Facing supply uncertainty of bulky wastes, the capacitated multi-product stochastic network design model for bulky waste recycling is proposed in this paper. The objective of this model is to minimize the first-stage total fixed costs and the expected value of the second-stage variable costs. The possibility of operation costs and transportation costs for bulky waste recycling is considered ...
A Novel Hybrid Approach for Email Spam Detection based on Scatter Search Algorithm and K-Nearest Neighbors
Because cyberspace and the Internet predominate in the lives of users, they bring, in addition to business opportunities and time reductions, threats such as information theft and penetration into systems in the field of hardware and software. Security is the top priority for preventing a cyber-attack, and users should first detect the type of attack, because virtual environments are not moni...
Reliable Designing of Capacitated Logistics Network with Multi Configuration Structure under Disruptions: A Hybrid Heuristic Based Sample Average Approximation Algorithm
We consider the reliable multi configuration capacitated logistics network design problem (RMCLNDP) with system disruptions, concerned with facilities locating, transportation links constructing, and also allocating their limited capacities to the customers in order to satisfy their demands with a minimum expected total cost (including locating costs, link constructing costs, as well as expecte...
Intrusion Detection based on a Novel Hybrid Learning Approach
Information security and Intrusion Detection Systems (IDS) play a critical role in the Internet. An IDS is an essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality and system availability against possible threats. In this paper, a hybrid approach towards achieving high performance is proposed. In fact, the important goal of this paper ...