|
|
A Multi-step Attack Recognition and Prediction Method Via Mining Attacks Conversion FrequenciesKeywords: Network security , multi-step attack , alert correlation , attack conversion frequencies Abstract: Massive security alerts produced by safety equipments make it necessary to recognize and predict multi-step attacks. In this paper, a novel method of recognizing and predicting multi-step attacks is proposed. It calculatesattack conversion frequencies, and then mines the multi-step attack sequences. On this basis, it matches the new alert sequences dynamically, recognizes the multi-step attacks and predicts the next attack step. The result of experiment shows that the proposed method is effective and accurate.
|
