Title :
Intrusion Alerts Correlation Based Assessment of Network Security
Author :
Shi, Jin ; Hu, Guangwei ; Lu, Mingxin ; Xie, Li
Author_Institution :
State Key Lab. for Novel Software Technol., Nanjing Univ., Nanjing, China
Abstract :
Traditional network security assessment technologies are usually qualitative analyses from large variation of security factors. It is difficult to guide security managers to configure network security mechanisms. A new network security quantitative analysis method called ACRL is presented in this paper. It assesses attack sequences from credibility, risk and the loss of system and provides the assessment values to security managers. It can assess the network security mechanisms and measures in position and can help security managers adjust the corresponding security mechanisms and choose the response methods against attacks in detail. An experiment of our method shows favorable and promising results.
Keywords :
Internet; security of data; intrusion alerts correlation; network security assessment; network security mechanisms; qualitative analyses; quantitative analysis; security factors; Correlation; Intrusion detection; Operating systems; Position measurement; Servers; Alerts Correlation; Credibility Analysis; Risk Analysis; Security Assessment; System Loss Analysis;
Conference_Titel :
Information Science and Management Engineering (ISME), 2010 International Conference of
Conference_Location :
Xi´an
Print_ISBN :
978-1-4244-7669-5
Electronic_ISBN :
978-1-4244-7670-1
DOI :
10.1109/ISME.2010.156
