[16] |
MCHUGH J . Testing intrusion detection systems:a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by lincoln laboratory[J]. ACM Transactions on Information and System Security, 2000,3(4): 262-294.
|
[17] |
KENT A D . Cyber security data sources for dynamic network research[M]. World Scientific Publishing. 2016: 37-65
|
[18] |
CSUBáK D , SZüCS K , V?R?S P ,et al. big data testbed for network attack detection[J]. Acta Polytechnica Hungarica, 2016,13(2): 47-57
|
[1] |
NAVARRO J , DERUYVER A , PARREND P . A systematic survey on multi-step attack detection[J]. Computers & Security, 2018,76(6): 214-249.
|
[2] |
王莉 . 网络多步攻击识别方法研究[D]. 武汉:华中科技大学, 2007.
|
|
WANG L . Study on method of network multi-stage attack plan recognition[D]. Wuhan:Huazhong University of Science and Technology, 2007.
|
[3] |
GREGORIO-DE S I , BERK V H , GIANI A ,et al. Detection of complex cyber attacks[C]// Sensors,and Command,Control,Communications,and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense V. International Society for Optics and Photonics, 2006: 6201-6209.
|
[4] |
CHEN P , DESMET L , HUYGENS C . Study on advanced persistent threats[M]. Berlin: SpringerPress, 2014: 63-72.
|
[5] |
MA Z , SMITH P . Determining risks from advanced multi-step attacks to critical information infrastructures[C]// International Workshop on Critical Information Infrastructures Security. Springer, 2013: 142-154.
|
[6] |
HOLGADO P , VILLAGRA V A , VAZQUEZ L . Real-time multistep attack prediction based on hidden Markov models[J]. IEEE Transactions on Dependable & Secure Computing, 2017,PP(99):1.
|
[7] |
刘威歆, 郑康锋, 武斌 ,等. 基于攻击图的多源告警关联分析方法[J]. 通信学报, 2015,36(9): 135-144.
|
|
LIU W X , ZHENG K D , WU B ,et al. Alert processing based on attack graph and multi-source analyzing[J]. Journal on Communications, 2015,36(9): 135-144.
|
[8] |
ELSHOUSH H T , OSMAN I M . Alert correlation in collaborative intelligent intrusion detection systems-a survey[J]. Applied Soft Computing, 2011,11(7): 4349-4365.
|
[9] |
WANG L , ISLAM T , LONG T ,et al. Attack graph-based probabilistic security metric[C]// XXII,IFIP WG 11.3 Working Conference on Data and Applications Security. DBLP, 2008: 283-296.
|
[10] |
AKOGLU L , TONG H , KOUTRA D . Graph based anomaly detection and description:a survey[J]. Data Mining and Knowledge Discovery, 2015,29(3): 626-688.
|
[11] |
HUTCHINS E M , CLOPPERT M J , AMIN R M . Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains[J]. Leading Issues in Information Warfare & Security Research, 2011,1(1):80.
|
[12] |
KIM Y H , PARK W H . A study on cyber threat prediction based on intrusion detection event for APT attack detection[J]. Multimedia Tools and Applications, 2014,71(2): 685-698.
|
[13] |
NEIL J , HASH C , BRUGH A ,et al. Scan statistics for the onlinedetection of locally anomalous subgraphs[J]. Technometrics, 2013,55(4): 403-414.
|
[14] |
NEIL J , STORLIE C . Statistical detection of intruders within computer networks using scan statistics[M]. London: Imperial College PressPress, 2014: 71-104.
|
[15] |
钱叶魁, 陈鸣, 叶立新 ,等. 基于多尺度主成分分析的全网络异常检测方法[J]. 软件学报, 2012(2): 361-377.
|
|
QIAN Y Q , CHEN M , YE L X ,et al. Network-wide anomaly detection method based on multiscale principal component analysis[J]. Journal of Software, 2012(2): 361-377.
|