The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The process of attackers exploiting the target facilities is always gradual in cyberspace, and multiple attack steps would be performed in order to achieve the ultimate goal. How to identify the attack scenarios is one of the challenges in many research fields, such as cyberspace security situation awareness, the detection of APT (Advanced Persistent Threat) and so on. Alert correlation analysis based...
After analyzing the existing research of network security situation awareness, a framework of situation analysis is proposed in this paper. It is an application and reification of the classic situation awareness model proposed by Tim bass. The framework is composed of three core contents, namely, situation information model, event correlation analysis technology and situation assessment technology...
An attack activity to cyberspace will cause the security devices generating huge number of security events, it is unfeasible to analyze these events by the manual way for the security manager. After analyzing the existing algorithms of security events correlation, we propose an attack scenario reconstruction technology based on state machine. The processes of attackers intruding into the cyberspace...
It is unfeasible to analyze the security events by the manual way for the security manager, because the number of the events is huge and the information contained in the events is meaningless. After analyzing the existing algorithms of security events correlation, we propose an attack scenario reconstruction technology based on state machine. The processes of attackers intruding into the cyberspace...
A security situation assessment model is proposed in this paper. One of the math function and the rectification function are used to design the experience function in the theory of evidence. Then the theory of evidence is brought into the security situation assessment. From correlating and fusing the data which is provided by the sensors deployed in network to depicting the curve of security situation,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.