计算机科学技术 |
|
|
|
|
基于攻击行为预测的网络防御策略 |
任午令1, 赵翠文2, 姜国新1, David Maimon3, Theodore Wilson3, Bertrand Sobesto3 |
1.浙江工商大学 网络信息中心,浙江 杭州 310018; 2.浙江工商大学 计算机与信息工程学院,浙江 杭州 310018; 3.马里兰大学 克拉克工程学院,马里兰州 美国 MD 20742 |
|
Network defense strategy based on cyber attack behavior prediction |
REN Wu-ling1, ZHAO Cui-wen2, JIANG Guo-xin1,David Maimon3, Theodore Wilson3, Bertrand Sobesto3 |
1. Network Information Center, Zhejiang Gongshang University, Hangzhou 310018, China; 2.College of Computer and Information Engineering, Zhejiang Gongshang University, Hangzhou 310018, China; 3.Clark School of Engineering, University of Maryland, Maryland 20742, US |
引用本文:
任午令, 赵翠文, 姜国新, David Maimon, Theodore Wilson, Bertrand Sobesto. 基于攻击行为预测的网络防御策略[J]. 浙江大学学报(工学版), 10.3785/j.issn.1008-973X.2014.12.007.
REN Wu-ling, ZHAO Cui-wen, JIANG Guo-xin,David Maimon, Theodore Wilson, Bertrand Sobesto. Network defense strategy based on cyber attack behavior prediction. JOURNAL OF ZHEJIANG UNIVERSITY (ENGINEERING SCIENCE), 10.3785/j.issn.1008-973X.2014.12.007.
链接本文:
http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2014.12.007
或
http://www.zjujournals.com/eng/CN/Y2014/V48/I12/2144
|
[1] RAMSBROCK D, BERTHIER R, CUKIER M.Profiling Attacker Behavior Following SSH Compromises[C]∥ 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks(DSN07). Washington, DC, USA: IEEE Computer Society, 2007: 119-124.
[2] SALLES-LOUSTAU G, BERTHIER R, COLLANGE E, et al, Characterizing attackers and attacks: an empirical study[C] ∥ IEEE 17th Pacific Rim International Symposium on Dependable Computing. Washington, DC, USA: IEEE Computer Society, 2011: 174-183.
[3] ALOSEFER Y,RANA O. Automated state machines applied in client honeypots[C] ∥ 5th International Conference on Future Information Technology (Future-Tech).Washington, DC, USA: IEEE Computer Society, 2010: 18.
[4] ALOSEFER Y,RANA O. Predicting client-side attacks via behaviour analysis using honeypot data [C] ∥ NWeSP, 7th International Conference on Next Generation Web Services Practices. Washington, DC, USA: IEEE Computer Society, 2011: 31-36.
[5] 印鉴,张钢,陈忆群.基于Honeynet的网络入侵模式挖掘[J].计算机工程与应用,2004(11): 114-117.
YIN Jian, ZHANG Gang, CHEN Yi-qun. Intrusion mode mining on honeynet[J]. Computer Engineering and Applications, 2004(11): 114-117.
[6] SCHONLAU M, MOUCHEL W. Computer intrusion: Detecting masquerades[J]. Statistical Science, 2001, 16(1): 58-74.
[7] MAXION R A, TOWNSEND T N. Masquerade detection using truncated command lines[C] ∥ Proceedings of the International Conference on Dependable Systems and Networks. Washington, DC, USA: IEEE Computer Society, 2002: 219-228.
[8] LANE T, CARLA E B. An empirical study of two approaches to sequence learning for anomaly detection[J]. Machine Learning, 2003, 51(1): 73-107.
[9] YING J, KIRUBARAJAN T. A hidden Markov based algorithm for fault diagnosis with partial and imperfect tests [J]. IEEE Transactions on System, Man, and Cybernetics, 2000, 30(4): 463-473.
[10] RABINER L. A tutorial on hidden markov models and selected applications in speech recognition [J]. Proceedings of the IEEE, 1989, 77: 257-286.
[11] CURTIS A C. A methodology for using intelligent agents to provide automated intrusion response [C]∥ Proceedings of the IEEE Systems, Man, and Cybernetics Information Assurance and Security Work-shop. New York: IEEE, 2000: 110-116.
[12] 彭凌西,谢冬青,付颖芳,等.基于危险理论的自动入侵响应系统模型[J].通信学报,2012,33(1): 136-144.
PENG Ling-xi, XIE Dong-qing, FU Ying-fang, et al. Automated intrusion response system model based on danger theory[J].Journal on Communications, 2012, 33(1): 136-144. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|