Download now Free registration required
Large-scale networks generate enormous numbers of events that network analysts must parse through in order to determine which are malicious attacks and which are not. Additionally, network analysts must prioritize the events such that the most severe attacks are resolved first in order to limit the potential for damage to the network as much as possible. While there exist many data reduction and event correlation techniques for reducing the amount of data needing analysis, these techniques do not provide prioritization capabilities. This paper discusses the novel impact and vulnerability assessment techniques geared towards the prioritization of events.
- Format: PDF
- Size: 644.57 KB