Download now Free registration required
Previous works in the area of network security have emphasized the creation of Intrusion Detection Systems (IDSs) to flag malicious network traffic and computer usage. Raw IDS data may be correlated and form attack tracks, each of which consists of ordered collections of alerts belonging to a single multi-stage attack. Assessing an attack track in its early stage may reveal the attacker's capability and behavior trends, leading to projections of future intrusion activities. Behavior trends are captured via Variable Length Markov Models (VLMM) without predetermined attack plans.
- Format: PDF
- Size: 271.7 KB