Framework and Models for Multistep Attack Detection

Cyber attacks are becoming increasingly complex, especially when the target is a modern IT infrastructure, characterized by a layered architecture that integrates several security technologies such as firewalls and intrusion detection systems. These contexts can be violated by a multistep attack that is a complex attack strategy that comprises multiple correlated intrusion activities. While a modern Intrusion Detection System detects single intrusions, it is unable to link them together and to highlight the strategy that underlies a multistep attack.

Provided by: University of Modena and Reggio Emilia Topic: Security Date Added: Oct 2011 Format: PDF

Find By Topic