首页> 外文会议>CSS 2013 >Online Mining of Attack Models in IDS Alerts from Network Backbone by a Two-Stage Clustering Method

【24h】

Online Mining of Attack Models in IDS Alerts from Network Backbone by a Two-Stage Clustering Method

机译：通过双级聚类方法从网络骨干网上在线挖掘攻击模型中的攻击模型

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

There is little work has been done to mine attack models online in IDS alerts from the network backbone. The contributions of this paper are three-fold. Firstly, we put forward a software-pipeline online attack models mining framework suited with alert clustering mining methods. Secondly, we propose an online alert reduction method and improve two-stage clustering method. Thirdly, we propose an approach to adjust parameters used in the framework on the fly. The experiment shows that the data feature is stable in sequence length to apply the parameters self-adjustment algorithm, and parameters self-adjustment works well under the online mining framework. The online mining attack models is efficient compare to offline mining method, and generated attack models have convincing logic relation.

机译：从网络骨干网中的IDS警报中挖掘攻击模型几乎没有工作。本文的贡献是三倍。首先，我们提出了一个软件 - 管道在线攻击模型挖掘框架，适用于警报聚类挖掘方法。其次，我们提出了一种在线警报还原方法并提高两级聚类方法。第三，我们提出了一种方法来调整框架中使用的参数。实验表明，数据特征在序列长度稳定以应用参数自调节算法，参数自调整在在线挖掘框架下运行良好。在线挖掘攻击模型与离线挖掘方法有效，生成的攻击模型具有令人信服的逻辑关系。

著录项

来源
《CSS 2013》|2013年||共13页
会议地点
作者
Lin-Bo Qiao; Bo-Feng Zhang; Rui-Yuan Zhao; Jin-Shu Su;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 005.8;
关键词
Attack model mining online; alert reduction; two-stage clustering; sequence analysis; behavior analysis; parameters adjustment.;

机译：攻击模型挖掘在线;警告减少;两级聚类;序列分析;行为分析;参数调整。;

相似文献

外文文献
中文文献
专利

1. Network Attack Scenarios Extraction and Categorization by Mining IDS Alert Streams [J] . Wei Yan Journal of Universal Computer Science . 2005,第8期

机译：通过挖掘IDS警报流来提取和分类网络攻击方案
2. Online Mining Intrusion Patterns from IDS Alerts [J] . Kai Zhang, Shoushan Luo, Yang Xin, Applied Sciences . 2020,第8期

机译：来自IDS警报的在线挖掘入侵模式
3. Attack scenario reconstruction approach using attack graph and alert data mining [J] . Hu Hao, Liu Jing, Zhang Yuchen, Journal of information security and applications . 2020,第Octa期

机译：使用攻击图和警报数据挖掘攻击场景重建方法
4. Online Mining of Attack Models in IDS Alerts from Network Backbone by a Two-Stage Clustering Method [C] . Lin-Bo Qiao, Bo-Feng Zhang, Rui-Yuan Zhao, International symposium on cyberspace safety and security . 2013

机译：通过两阶段聚类方法在线挖掘网络骨干IDS警报中的攻击模型
5. Modeling content lifespan in Online Social Networks using data mining. [D] . Gibbons, John. 2014

机译：使用数据挖掘对在线社交网络中的内容寿命进行建模。
6. A two-stage algorithm for extracting the multiscale backbone of complex weighted networks [O] . Paul B. Slater 2009

机译：提取复杂加权网络多尺度骨干的两阶段算法
7. A Combined Model of Clustering and Classification Methods for Preserving Privacy in Social Networks against Inference and Neighborhood Attacks [O] . Ali Zaghian, Ayoub Bagheri 2016

机译：用于保护社会网络隐私的聚类和分类方法的组合模型及其推论和邻里攻击
8. Data Mining and Concept Clustering in Determining the Nature of a Network Attack. [R] . Maciag, C. 2002

机译：确定网络攻击性质的数据挖掘与概念聚类。

Online Mining of Attack Models in IDS Alerts from Network Backbone by a Two-Stage Clustering Method

摘要

著录项

相似文献

相关主题

期刊订阅