IDEAS home Printed from https://ideas.repec.org/h/spr/sprchp/978-3-642-40660-7_195.html
   My bibliography  Save this book chapter

Graph-Based Real-Time Security Threats Awareness and Analysis in Enterprise LAN

In: Liss 2013

Author

Listed:
  • Huiying Lv

    (Capital Normal University)

  • Yuan Zhang

    (Capital Normal University)

  • Ruimei Wang

    (Capital Normal University)

  • Jie Wang

    (Capital Normal University)

Abstract

In order to dynamically and accurately recognize real-time network security situation in an enterprise LAN, an awareness and analysis method for network threats is proposed. The method recognizes current real-time threats and predicts subsequent threats by modeling attack scenario and simulating intrusion state transferring. The threat awareness model is constructed with Expanded Finite-State Automata, which is defined as Attack State Transition Graph and Real-Time Attack State Graph. The former visually describes all possible intruding paths and state transitions, and the latter illustrates really happening threats and real-time state transition. Then threat awareness algorithm is presented, of which various kinds of invalid threats are filtered, and current valid threats are obtained by correlating dynamic alarms with static attack scenario. Further, combining ASTG with RASG, subsequent threat and possible threat path is identified, which provides a useful evidence and guidance for intrusion response and security decision. Finally the results of experiment in a simulated network verify validity of the method.

Suggested Citation

  • Huiying Lv & Yuan Zhang & Ruimei Wang & Jie Wang, 2015. "Graph-Based Real-Time Security Threats Awareness and Analysis in Enterprise LAN," Springer Books, in: Runtong Zhang & Zhenji Zhang & Kecheng Liu & Juliang Zhang (ed.), Liss 2013, pages 1299-1304, Springer.
    • Handle: RePEc:spr:sprchp:978-3-642-40660-7_195
    DOI: 10.1007/978-3-642-40660-7_195
    as

    Download full text from publisher

    To our knowledge, this item is not available for download. To find whether it is available, there are three options:
    1. Check below whether another version of this item is available online.
    2. Check on the provider's web page whether it is in fact available.
    3. Perform a search for a similarly titled item that would be available.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:sprchp:978-3-642-40660-7_195. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.