+44 (0)1509 263171
Please use this identifier to cite or link to this item:
|Title: ||Predicting multi-stage attacks based on hybrid approach|
|Authors: ||Almutairi, Abdulrazaq Z.|
Flint, James A.
Parish, David J.
|Keywords: ||Intrusion detection|
Process query systems
|Issue Date: ||2015|
|Publisher: ||© Infonomics Society|
|Citation: ||ALMUTAIRI, A.Z., FLINT, J.A. and PARISH, D.J., 2015. Predicting multi-stage attacks based on hybrid approach. International Journal for Information Security Research, 5 (3), pp. 582 - 590|
|Abstract: ||Multi-stage attacks can evolve dramatically causing much loss and damage to organisations. These attacks are frequently instigated by exploiting actions, which in isolation are legal and are therefore particularly challenging to detect. Much research has been conducted in the multi-stage detection area, in order to build a framework based on an events correlation approach. This paper proposes a framework that predicts multi-stage attacks based on a hybrid approach, which combines two techniques; IP information evaluation and process query system (PQS). This paper shows the analysis of three multi stage attacks, detailing their steps and information hitherto unexploited in current intrusion detection systems. The paper also goes through the implementation of each technique used in the hybrid approach.|
|Description: ||This is the accepted version of a paper subsequently published in the International Journal for Information Security Research [© Infonomics Society]. The definitive version is available at: http://infonomics-society.org/wp-content/uploads/ijisr/published-papers/volume-5-2015/Predicting-Multi-Stage-Attacks-Based-on-Hybrid-Approach.pdf|
|Version: ||Accepted for publication|
|Publisher Link: ||http://infonomics-society.ie/ijisr/published-papers/volume-5-2015/|
|Appears in Collections:||Published Articles (Mechanical, Electrical and Manufacturing Engineering)|
Files associated with this item:
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.