• DocumentCode
    2860035
  • Title

    Network Threat Assessment Based on Alert Verification

  • Author

    Rongrong Xi ; Xiaochun Yun ; Jin, Shuyuan ; Zhang, Yongzheng

  • Author_Institution
    Inst. of Comput. Technol., Beijing, China
  • fYear
    2011
  • fDate
    20-22 Oct. 2011
  • Firstpage
    30
  • Lastpage
    34
  • Abstract
    In the face of overwhelming alerts produced by firewalls or intrusion detection devices, it is difficult to assess the network threats that we face. In this paper, we propose a threat assessment approach to estimate the impact of attacks on the network. The approach employs the Common Vulnerability Scoring System to quantitatively assess network threats and further correlates alerts with contextual information to improve the accuracy of assessment. In the case studies, we demonstrate how the approach is applied in real networks. The experimental results show that the approach can make an accurate assessment of network threats.
  • Keywords
    authorisation; computer network security; alert verification; common vulnerability scoring system; firewalls; intrusion detection devices; network threat assessment; Computers; Databases; Intrusion detection; Network topology; Probes; Sensors; alert verification; quantitative assessment; threat assessment;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel and Distributed Computing, Applications and Technologies (PDCAT), 2011 12th International Conference on
  • Conference_Location
    Gwangju
  • Print_ISBN
    978-1-4577-1807-6
  • Type

    conf

  • DOI
    10.1109/PDCAT.2011.57
  • Filename
    6118526