FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4366245778> ?p ?o ?g. }

• W4366245778 endingPage "103267" @default.
• W4366245778 startingPage "103267" @default.
• W4366245778 abstract "Lateral movement plays a vital role in a network attack campaign. After breaking into the intranet, perpetrators penetrate to their final target through this procedure. In order to protect the crucial resources of an enterprise, it is of significant importance to identify lateral movement traces. Previous studies related to this area have proposed several methods. However, most of them failed to raise high-quality alerts, and security operators cannot identify the real threat from raised massive alerts and make a response in time. To fill this gap, in this paper, we propose a novel approach based on Behavior Deviation Measurement (BEDIM) to raise a few effective alerts for lateral movement detection. By modeling the behavior deviation level of each machine on the connection expanded graph sequences, BEDIM can locate unusual connections from massive logs as initial abnormal records. Apart from this, BEDIM also applies a strategy to filter benign records from initial abnormal connections to further reduce false alerts. Specifically, we propose two implementations of BEDIM, which are S-BEDIM (Simple) and C-BEDIM (Complex). Compared to related state-of-the-arts, both S-BEDIM and C-BEDIM are more precise, robust, and efficient. To demonstrate this, we conduct experiments on two datasets, which are collected from the intranet of two enterprises. The experiment results show that both S-BEDIM and C-BEDIM can raise a few effective alerts. Especially for C-BEDIM, with taking proper period, it can achieve 100% accuracy on both datasets." @default.
• W4366245778 created "2023-04-20" @default.
• W4366245778 creator A5005144050 @default.
• W4366245778 creator A5007665824 @default.
• W4366245778 creator A5012305916 @default.
• W4366245778 creator A5031905258 @default.
• W4366245778 creator A5045902020 @default.
• W4366245778 creator A5054446049 @default.
• W4366245778 date "2023-07-01" @default.
• W4366245778 modified "2023-09-26" @default.
• W4366245778 title "C-BEDIM and S-BEDIM: Lateral movement detection in enterprise network through behavior deviation measurement" @default.
• W4366245778 cites W2173213060 @default.
• W4366245778 cites W2889379876 @default.
• W4366245778 cites W2901504064 @default.
• W4366245778 cites W2966366601 @default.
• W4366245778 cites W3017387519 @default.
• W4366245778 cites W3127568610 @default.
• W4366245778 cites W3130625521 @default.
• W4366245778 cites W3153407530 @default.
• W4366245778 doi "https://doi.org/10.1016/j.cose.2023.103267" @default.
• W4366245778 hasPublicationYear "2023" @default.
• W4366245778 type Work @default.
• W4366245778 citedByCount "0" @default.
• W4366245778 crossrefType "journal-article" @default.
• W4366245778 hasAuthorship W4366245778A5005144050 @default.
• W4366245778 hasAuthorship W4366245778A5007665824 @default.
• W4366245778 hasAuthorship W4366245778A5012305916 @default.
• W4366245778 hasAuthorship W4366245778A5031905258 @default.
• W4366245778 hasAuthorship W4366245778A5045902020 @default.
• W4366245778 hasAuthorship W4366245778A5054446049 @default.
• W4366245778 hasConcept C107038049 @default.
• W4366245778 hasConcept C110875604 @default.
• W4366245778 hasConcept C115903868 @default.
• W4366245778 hasConcept C124101348 @default.
• W4366245778 hasConcept C136764020 @default.
• W4366245778 hasConcept C138885662 @default.
• W4366245778 hasConcept C149859251 @default.
• W4366245778 hasConcept C154945302 @default.
• W4366245778 hasConcept C26713055 @default.
• W4366245778 hasConcept C2778059363 @default.
• W4366245778 hasConcept C2780226923 @default.
• W4366245778 hasConcept C38652104 @default.
• W4366245778 hasConcept C41008148 @default.
• W4366245778 hasConcept C739882 @default.
• W4366245778 hasConceptScore W4366245778C107038049 @default.
• W4366245778 hasConceptScore W4366245778C110875604 @default.
• W4366245778 hasConceptScore W4366245778C115903868 @default.
• W4366245778 hasConceptScore W4366245778C124101348 @default.
• W4366245778 hasConceptScore W4366245778C136764020 @default.
• W4366245778 hasConceptScore W4366245778C138885662 @default.
• W4366245778 hasConceptScore W4366245778C149859251 @default.
• W4366245778 hasConceptScore W4366245778C154945302 @default.
• W4366245778 hasConceptScore W4366245778C26713055 @default.
• W4366245778 hasConceptScore W4366245778C2778059363 @default.
• W4366245778 hasConceptScore W4366245778C2780226923 @default.
• W4366245778 hasConceptScore W4366245778C38652104 @default.
• W4366245778 hasConceptScore W4366245778C41008148 @default.
• W4366245778 hasConceptScore W4366245778C739882 @default.
• W4366245778 hasFunder F4320321133 @default.
• W4366245778 hasFunder F4320321540 @default.
• W4366245778 hasLocation W43662457781 @default.
• W4366245778 hasOpenAccess W4366245778 @default.
• W4366245778 hasPrimaryLocation W43662457781 @default.
• W4366245778 hasRelatedWork W1485630101 @default.
• W4366245778 hasRelatedWork W1536235319 @default.
• W4366245778 hasRelatedWork W1964111820 @default.
• W4366245778 hasRelatedWork W1989126600 @default.
• W4366245778 hasRelatedWork W2083338789 @default.
• W4366245778 hasRelatedWork W2353676305 @default.
• W4366245778 hasRelatedWork W2384497200 @default.
• W4366245778 hasRelatedWork W2392518284 @default.
• W4366245778 hasRelatedWork W2999192262 @default.
• W4366245778 hasRelatedWork W63676446 @default.
• W4366245778 hasVolume "130" @default.
• W4366245778 isParatext "false" @default.
• W4366245778 isRetracted "false" @default.
• W4366245778 workType "article" @default.