Abstract
There was a large scale of DDoS(Distributed Denial of Service) attacks mostly targeted at Korean government web sites and cooperations on March 4, 2010 (3.4 DDoS attack) after 7.7 DDoS on July 7, 2009 in South Korea. To detect and respond to them, malwares must first be detected by security monitoring system. In particular, availability of a method to detect and predict such malwares in advance will lead to preventing security incidents. This study will propose a method of prediction based on security monitoring event in Security Monitoring system and a functional configuration to realize the method and will assess the prediction model based on security monitoring events proposed through a test consisting of the stages of learning, prediction and evaluation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
‘Attack graphs’ predict computer security. http://www.eetimes.com/showArticle.jhtml?articleID=209601075
Oleg Sheyner SJRL, Haines J, Wing J.M. (2002) Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE symposium on security and privacy (SP 2002), pp 273–284
Phillips C, Swiler LP (1998) A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 workshop on New security paradigms. ACM Press, New York
Ammann DWP, Kaushik S (2002) Scalable, graphbased network vulnerability analysis. In: Proceedings of 9th ACM conference on computer and communications security, Washington
Xinming Ou WFB, McQueen MA (2006) A scalable approach to attack graph generation. In: ACM conference on computer and communications security. Alexandria, Virginia
Ning P, Cui Y, Reeves DS, Xu D (2004) Techniques and tools for analyzing intrusion alerts. ACM Trans Inf Syst Sec 7(2):274
Cuppens F, Miege A (2002) Alert correlation in a cooperative intrusion detection framework. Proceedings 2002 IEEE symposium on security and privacy, IEEE Computer Society, Berkeley, p 202
Lee W, Qin X (2003) Statistical causality analysis of infosec alert data. In: Proceedings of the international symposium on the recent advances in intrusion detection (RAID 2003), Springer, New York, pp 73–94
Lee SSW (1998) Data mining approaches for intrusion detection. In: Proceedings of the 7th USENIX security symposium. pp 79–94
Treinen JJT, Ramakrishna T A (2006) Framework for the application of association rule mining in large intrusion detection infrastructure. In: Proceedings of the international symposium on the recent advances in intrusion detection (RAID 2006), pp 1–18
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media Dordrecht
About this paper
Cite this paper
Park, N., Park, W.H. (2013). Cyber Threat Prediction Model Using Security Monitoring System Event. In: Kim, K., Chung, KY. (eds) IT Convergence and Security 2012. Lecture Notes in Electrical Engineering, vol 215. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5860-5_27
Download citation
DOI: https://doi.org/10.1007/978-94-007-5860-5_27
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-5859-9
Online ISBN: 978-94-007-5860-5
eBook Packages: EngineeringEngineering (R0)