Pavlov Artem Valeryevich (Postgraduate student, ITMO University)
This article proposes two methods for detecting complex attacks based on data obtained from intrusion detection systems. The first method is based on a combination of rules; it identifies complex attacks and combines events into meta-events to reduce the sample size. The second method identifies complex attacks from meta-events using DBSCAN clustering based on the weighted Gower distance. The methods' metrics are evaluated on the CPTC-2018 dataset. The resulting assessment indicates the practical applicability of the proposed methods to the task of detecting complex attacks and countering advanced threats.
Keywords: information security, cybersecurity, complex attacks, attacker groups, intrusion detection
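As an added illustration of the second method (not code from the article): DBSCAN run over a precomputed weighted Gower distance matrix of meta-events. The meta-event fields, the weights, `eps` and `min_pts` are assumptions chosen for the constructed sample; the article's own attributes and parameters are not given on this page.

```python
# Constructed meta-events; field names, weights, eps and min_pts are assumptions.
META_EVENTS = [
    {"src": "10.0.0.5", "dst": "10.0.1.20", "category": "scan",    "start": 0,    "alerts": 40},
    {"src": "10.0.0.5", "dst": "10.0.1.20", "category": "exploit", "start": 300,  "alerts": 6},
    {"src": "10.0.0.5", "dst": "10.0.1.21", "category": "scan",    "start": 420,  "alerts": 35},
    {"src": "10.0.0.9", "dst": "10.0.2.7",  "category": "brute",   "start": 5000, "alerts": 90},
    {"src": "10.0.0.9", "dst": "10.0.2.7",  "category": "brute",   "start": 5200, "alerts": 80},
    {"src": "10.0.0.9", "dst": "10.0.2.8",  "category": "brute",   "start": 5300, "alerts": 85},
    {"src": "10.0.3.3", "dst": "10.0.4.4",  "category": "policy",  "start": 9000, "alerts": 1},
]
WEIGHTS = {"src": 3.0, "dst": 1.0, "category": 1.0, "start": 2.0, "alerts": 0.5}
NUMERIC = {"start", "alerts"}

def gower_matrix(rows, weights, numeric):
    """Weighted Gower: range-scaled |x-y| for numeric fields, 0/1 mismatch for categorical."""
    span = {k: (max(r[k] for r in rows) - min(r[k] for r in rows)) or 1 for k in numeric}
    def dist(a, b):
        parts = (w * (abs(a[k] - b[k]) / span[k] if k in numeric else a[k] != b[k])
                 for k, w in weights.items())
        return sum(parts) / sum(weights.values())
    return [[dist(a, b) for b in rows] for a in rows]

def dbscan(dm, eps, min_pts):
    """DBSCAN on a precomputed distance matrix; label -1 marks noise."""
    near = [[j for j, d in enumerate(row) if d <= eps] for row in dm]
    labels, cluster = [None] * len(dm), -1
    for i in range(len(dm)):
        if labels[i] is not None:
            continue
        if len(near[i]) < min_pts:
            labels[i] = -1
            continue
        cluster += 1
        labels[i] = cluster
        queue = list(near[i])
        while queue:
            j = queue.pop()
            if labels[j] in (None, -1):
                was_unvisited = labels[j] is None
                labels[j] = cluster          # noise reached from a core point becomes a border point
                if was_unvisited and len(near[j]) >= min_pts:
                    queue.extend(near[j])    # j is itself a core point: keep expanding

    return labels

def cluster_meta_events(rows=META_EVENTS, eps=0.3, min_pts=2):
    """Group meta-events into candidate complex attacks; -1 means unclustered."""
    return dbscan(gower_matrix(rows, WEIGHTS, NUMERIC), eps, min_pts)
```

With these assumed weights a differing source address alone contributes 0.4 to the distance, so at `eps=0.3` meta-events from different sources never fall into the same cluster.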
Citation link: Pavlov A. V. ATTRIBUTIVE METHODS FOR DETECTING COMPLEX ATTACKS FROM INTRUSION DETECTION SYSTEM DATA // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. 2023. No. 08/2. P. 108-110. DOI 10.37882/2223-2966.2023.8-2.25