Loughborough University
Abdulrazaq_Almutairi_Journal_2016.pdf (461.74 kB)

Predicting multi-stage attacks based on hybrid approach

journal contribution
posted on 2016-03-24, 14:14 authored by Abdulrazaq Almutairi, James Flint, David J. Parish
Multi-stage attacks can evolve dramatically, causing much loss and damage to organisations. These attacks are frequently instigated by exploiting actions which in isolation are legal, and are therefore particularly challenging to detect. Much research has been conducted in the multi-stage detection area in order to build a framework based on an events correlation approach. This paper proposes a framework that predicts multi-stage attacks based on a hybrid approach, which combines two techniques: IP information evaluation and process query system (PQS). This paper shows the analysis of three multi-stage attacks, detailing their steps and information hitherto unexploited in current intrusion detection systems. The paper also goes through the implementation of each technique used in the hybrid approach.

History

School

  • Mechanical, Electrical and Manufacturing Engineering

Published in

International Journal for Information Security Research - ijisr

Volume

5

Pages

582 - 590

Citation

ALMUTAIRI, A.Z., FLINT, J.A. and PARISH, D.J., 2015. Predicting multi-stage attacks based on hybrid approach. International Journal for Information Security Research, 5 (3), pp. 582 - 590

Publisher

© Infonomics Society

Version

  • AM (Accepted Manuscript)

Publisher statement

This work is made available according to the conditions of the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) licence. Full details of this licence are available at: https://creativecommons.org/licenses/by-nc-nd/4.0/

Acceptance date

2016-02-12

Publication date

2015

Notes

This is the accepted version of a paper subsequently published in the International Journal for Information Security Research [© Infonomics Society]. The definitive version is available at: http://infonomics-society.org/wp-content/uploads/ijisr/published-papers/volume-5-2015/Predicting-Multi-Stage-Attacks-Based-on-Hybrid-Approach.pdf

ISSN

2042-4639

Language

  • en