Advertisement

Cyber Threat Prediction Model Using Security Monitoring System Event

Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 215)

Abstract

There was a large scale of DDoS(Distributed Denial of Service) attacks mostly targeted at Korean government web sites and cooperations on March 4, 2010 (3.4 DDoS attack) after 7.7 DDoS on July 7, 2009 in South Korea. To detect and respond to them, malwares must first be detected by security monitoring system. In particular, availability of a method to detect and predict such malwares in advance will lead to preventing security incidents. This study will propose a method of prediction based on security monitoring event in Security Monitoring system and a functional configuration to realize the method and will assess the prediction model based on security monitoring events proposed through a test consisting of the stages of learning, prediction and evaluation.

Keywords

Cyber threat Security monitoring event Denial of service 

References

  1. 1.
    ‘Attack graphs’ predict computer security. http://www.eetimes.com/showArticle.jhtml?articleID=209601075
  2. 2.
    Oleg Sheyner SJRL, Haines J, Wing J.M. (2002) Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE symposium on security and privacy (SP 2002), pp 273–284Google Scholar
  3. 3.
    Phillips C, Swiler LP (1998) A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 workshop on New security paradigms. ACM Press, New YorkGoogle Scholar
  4. 4.
    Ammann DWP, Kaushik S (2002) Scalable, graphbased network vulnerability analysis. In: Proceedings of 9th ACM conference on computer and communications security, WashingtonGoogle Scholar
  5. 5.
    Xinming Ou WFB, McQueen MA (2006) A scalable approach to attack graph generation. In: ACM conference on computer and communications security. Alexandria, VirginiaGoogle Scholar
  6. 6.
    Ning P, Cui Y, Reeves DS, Xu D (2004) Techniques and tools for analyzing intrusion alerts. ACM Trans Inf Syst Sec 7(2):274Google Scholar
  7. 7.
    Cuppens F, Miege A (2002) Alert correlation in a cooperative intrusion detection framework. Proceedings 2002 IEEE symposium on security and privacy, IEEE Computer Society, Berkeley, p 202Google Scholar
  8. 8.
    Lee W, Qin X (2003) Statistical causality analysis of infosec alert data. In: Proceedings of the international symposium on the recent advances in intrusion detection (RAID 2003), Springer, New York, pp 73–94Google Scholar
  9. 9.
    Lee SSW (1998) Data mining approaches for intrusion detection. In: Proceedings of the 7th USENIX security symposium. pp 79–94Google Scholar
  10. 10.
    Treinen JJT, Ramakrishna T A (2006) Framework for the application of association rule mining in large intrusion detection infrastructure. In: Proceedings of the international symposium on the recent advances in intrusion detection (RAID 2006), pp 1–18Google Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2013

Authors and Affiliations

  1. 1.Department of Ubiquitous ITFar East UniversityEumseong-gunSouth Korea
  2. 2.Department of Information ManagementFar East UniversityEumseong-gunSouth Korea

Personalised recommendations