CAPTURE: Efficient Attack Investigation Through Causal Alert Correlation Analysis-Reference-Cited by-同舟云学术

登录注册会员服务联系我们

CAPTURE: Efficient Attack Investigation Through Causal Alert Correlation Analysis

Published:2024 Issue: Volume: Page:73-87
ISSN:1865-0929
Container-title:Communications in Computer and Information Science
language:en
Short-container-title:

Author:

Chen Rongrong,Ni Xiaoya,Xiao Qianlong,Li Siying,Hu Minghao,Xiao Yanjun,Qiu Jing

Publisher

Springer Nature Singapore

Link

https://link.springer.com/content/pdf/10.1007/978-981-97-4519-7_6

Reference35 articles.

1. King, S.T., Chen, P.M.: Backtracking intrusions. In: Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, pp. 223–236 (2003)

2. Wajih Ul, H., et al.: Nodoze: combatting threat alert fatigue with automated provenance triage. In: Network and Distributed Systems Security Symposium (2019)

3. Fang, P., et al.: Back-propagating: system dependency impact for attack investigation. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 2461–2478 (2022)

4. Zuech, R., Khoshgoftaar, T.M., Wald, R.: Intrusion detection and big heterogeneous data: a survey. J. Big Data. 2(1), 1–41 (2015)

5. Hossain, N., Milajerdi, S.M., Wang, J.: SLEUTH: Real-time attack scenario reconstruction from COTS audit data. In: USENIX Security Symposium, pp. 487–504 (2017)

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线，采集、加工和组织学术论文而形成的新型学术文献查询和分析系统，可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容，当前同舟云学术共收录了国内外主流学术期刊6万余种，收集的期刊论文及会议论文总量共计约1.5亿篇，并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询！咨询电话：010-8811{复制后删除}0370

www.globalauthorid.com

TOP