Loading…
Predicting multi-stage attacks based on IP information
Multi-stage attacks can evolve dramatically, causing much loss and damage to organisations. These attacks are frequently instigated by exploiting actions, which in isolation are legal, and are therefore particularly challenging to detect. Much research has been conducted in the multi-stage detection...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Default Conference proceeding |
| Published: |
2015
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/2134/20723 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1818172215998283776 |
|---|---|
| author | Abdulrazaq Almutairi James Flint David J. Parish |
| author_facet | Abdulrazaq Almutairi James Flint David J. Parish |
| author_sort | Abdulrazaq Almutairi (1252041) |
| collection | Figshare |
| description | Multi-stage attacks can evolve dramatically, causing much loss and damage to organisations. These attacks are frequently instigated by exploiting actions, which in isolation are legal, and are therefore particularly challenging to detect. Much research has been conducted in the multi-stage detection area, in order to build a framework based on an events correlation approach. This paper proposes a framework that predicts multi-stage attacks based on a different approach, which is an IP information evaluation. This approach was chosen after analysing three different multi-stage attack scenarios. This paper shows the analysis of those scenarios, detailing their steps and information hitherto unexploited in current intrusion detection systems. The paper also details the results obtained in the evaluation process, including detection and false positive rates. |
| format | Default Conference proceeding |
| id | rr-article-9557864 |
| institution | Loughborough University |
| publishDate | 2015 |
| record_format | Figshare |
| spelling | rr-article-95578642015-01-01T00:00:00Z Predicting multi-stage attacks based on IP information Abdulrazaq Almutairi (1252041) James Flint (1251738) David J. Parish (7168355) Mechanical engineering not elsewhere classified untagged Mechanical Engineering not elsewhere classified Multi-stage attacks can evolve dramatically, causing much loss and damage to organisations. These attacks are frequently instigated by exploiting actions, which in isolation are legal, and are therefore particularly challenging to detect. Much research has been conducted in the multi-stage detection area, in order to build a framework based on an events correlation approach. This paper proposes a framework that predicts multi-stage attacks based on a different approach, which is an IP information evaluation. This approach was chosen after analysing three different multi-stage attack scenarios. This paper shows the analysis of those scenarios, detailing their steps and information hitherto unexploited in current intrusion detection systems. The paper also details the results obtained in the evaluation process, including detection and false positive rates. 2015-01-01T00:00:00Z Text Conference contribution 2134/20723 https://figshare.com/articles/conference_contribution/Predicting_multi-stage_attacks_based_on_IP_information/9557864 CC BY-NC-ND 4.0 |
| spellingShingle | Mechanical engineering not elsewhere classified untagged Mechanical Engineering not elsewhere classified Abdulrazaq Almutairi James Flint David J. Parish Predicting multi-stage attacks based on IP information |
| title | Predicting multi-stage attacks based on IP information |
| title_full | Predicting multi-stage attacks based on IP information |
| title_fullStr | Predicting multi-stage attacks based on IP information |
| title_full_unstemmed | Predicting multi-stage attacks based on IP information |
| title_short | Predicting multi-stage attacks based on IP information |
| title_sort | predicting multi-stage attacks based on ip information |
| topic | Mechanical engineering not elsewhere classified untagged Mechanical Engineering not elsewhere classified |
| url | https://hdl.handle.net/2134/20723 |