FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W1549767874> ?p ?o ?g. }

• W1549767874 abstract "Complementary security systems are widely deployed in networks to protect digital assets. Alert correlation is essential to understanding the security threats and taking appropriate actions. This paper proposes a novel correlation approach based on triggering events and common resources. One of the key concepts in our approach is triggering events, which are the (low-level) events that trigger alerts. By grouping alerts that share similar triggering events, a set of alerts can be partitioned into different clusters such that the alerts in the same cluster may correspond to the same attack. Our approach further examines whether the alerts in each cluster are consistent with relevant network and host configurations, which help analysts to partially identify the severity of alerts and clusters. The other key concept in our approach is input and output resources. Intuitively, input resources are the necessary resources for an attack to succeed, and output resources are the resources that an attack supplies if successful. This paper proposes to model each attack through specifying input and output resources. By identifying the common resources between output resources of one attack and input resources of another, it discovers causal relationships between alert clusters and builds attack scenarios. The experimental results demonstrate the usefulness of the proposed techniques." @default.
• W1549767874 created "2016-06-24" @default.
• W1549767874 creator A5016753473 @default.
• W1549767874 creator A5065344062 @default.
• W1549767874 date "2005-04-06" @default.
• W1549767874 modified "2023-10-06" @default.
• W1549767874 title "Alert Correlation through Triggering Events and Common Resources" @default.
• W1549767874 cites W1495304983 @default.
• W1549767874 cites W1549716092 @default.
• W1549767874 cites W1582506709 @default.
• W1549767874 cites W1587979610 @default.
• W1549767874 cites W1649901946 @default.
• W1549767874 cites W1684452600 @default.
• W1549767874 cites W2016559036 @default.
• W1549767874 cites W2068789742 @default.
• W1549767874 cites W2108867737 @default.
• W1549767874 cites W2161830378 @default.
• W1549767874 cites W2163277533 @default.
• W1549767874 cites W4231518042 @default.
• W1549767874 doi "https://doi.org/10.1109/csac.2004.5" @default.
• W1549767874 hasPublicationYear "2005" @default.
• W1549767874 type Work @default.
• W1549767874 sameAs 1549767874 @default.
• W1549767874 citedByCount "39" @default.
• W1549767874 countsByYear W15497678742012 @default.
• W1549767874 countsByYear W15497678742013 @default.
• W1549767874 countsByYear W15497678742014 @default.
• W1549767874 countsByYear W15497678742015 @default.
• W1549767874 countsByYear W15497678742016 @default.
• W1549767874 countsByYear W15497678742020 @default.
• W1549767874 countsByYear W15497678742022 @default.
• W1549767874 crossrefType "proceedings-article" @default.
• W1549767874 hasAuthorship W1549767874A5016753473 @default.
• W1549767874 hasAuthorship W1549767874A5065344062 @default.
• W1549767874 hasBestOaLocation W15497678742 @default.
• W1549767874 hasConcept C124101348 @default.
• W1549767874 hasConcept C164866538 @default.
• W1549767874 hasConcept C177264268 @default.
• W1549767874 hasConcept C199360897 @default.
• W1549767874 hasConcept C26517878 @default.
• W1549767874 hasConcept C31258907 @default.
• W1549767874 hasConcept C38652104 @default.
• W1549767874 hasConcept C41008148 @default.
• W1549767874 hasConceptScore W1549767874C124101348 @default.
• W1549767874 hasConceptScore W1549767874C164866538 @default.
• W1549767874 hasConceptScore W1549767874C177264268 @default.
• W1549767874 hasConceptScore W1549767874C199360897 @default.
• W1549767874 hasConceptScore W1549767874C26517878 @default.
• W1549767874 hasConceptScore W1549767874C31258907 @default.
• W1549767874 hasConceptScore W1549767874C38652104 @default.
• W1549767874 hasConceptScore W1549767874C41008148 @default.
• W1549767874 hasLocation W15497678741 @default.
• W1549767874 hasLocation W15497678742 @default.
• W1549767874 hasOpenAccess W1549767874 @default.
• W1549767874 hasPrimaryLocation W15497678741 @default.
• W1549767874 hasRelatedWork W1794016765 @default.
• W1549767874 hasRelatedWork W2329452785 @default.
• W1549767874 hasRelatedWork W2347219288 @default.
• W1549767874 hasRelatedWork W2355215981 @default.
• W1549767874 hasRelatedWork W2356380379 @default.
• W1549767874 hasRelatedWork W2358471166 @default.
• W1549767874 hasRelatedWork W2363925233 @default.
• W1549767874 hasRelatedWork W2366284060 @default.
• W1549767874 hasRelatedWork W2366792704 @default.
• W1549767874 hasRelatedWork W2391464953 @default.
• W1549767874 isParatext "false" @default.
• W1549767874 isRetracted "false" @default.
• W1549767874 magId "1549767874" @default.
• W1549767874 workType "article" @default.