Multi Stage Attack Detection System for Network Administrators Using Data Mining

Executive Summary

In this paper, the authors present a method to discover, visualize, and predict the behavior patterns of attackers in a network-based system. They propose a system that discovers temporal patterns of intrusion, which reveal the behavior of attackers, using alerts generated by an Intrusion Detection System (IDS). They use data mining techniques to find patterns in the generated alerts by generating association rules. Their system is able to stream real-time Snort alerts and predict intrusions based on the learned rules. As a result, they are able to automatically discover patterns in multistage attacks, visualize those patterns, and predict intrusions.

  • Format: PDF
  • Size: 329.7 KB