A survey on artificial intelligence techniques for security event correlation: models, challenges, and opportunities

D Levshun, I Kotenko - Artificial Intelligence Review, 2023 - Springer
Information systems need to process a large amount of event monitoring data. The
process of finding the relationships between events is called correlation, which creates a …

A review on graph-based approaches for network security monitoring and botnet detection

S Lagraa, M Husák, H Seba, S Vuppala, R State… - International Journal of …, 2024 - Springer
This survey paper provides a comprehensive overview of recent research and development
in network security that uses graphs and graph-based data representation and analytics …

On the improvement of the isolation forest algorithm for outlier detection with streaming data

M Heigl, KA Anand, A Urmann, D Fiala, M Schramm… - Electronics, 2021 - mdpi.com
In recent years, detecting anomalies in real-world computer networks has become a more
and more challenging task due to the steady increase of high-volume, high-speed and high …

MIF: A multi-step attack scenario reconstruction and attack chains extraction method based on multi-information fusion

B Mao, J Liu, Y Lai, M Sun - Computer Networks, 2021 - Elsevier
Most attacks on the Internet are progressive attacks and exploit multiple nodes.
Traditional Intrusion Detection Systems (IDS) cannot detect the original attack node, making …

Blockchain-based security in smart grid network

S Mishra - International Journal of Communication …, 2022 - inderscienceonline.com
The cybersecurity threats in the smart grid network are prominent with conventional
approaches providing integrated security control and communication protection for smart …

AGCM: A multi-stage attack correlation and scenario reconstruction method based on graph aggregation

H Lyu, J Liu, Y Lai, B Mao, X Huang - Computer Communications, 2024 - Elsevier
With an increase in the complexity and scale of networks, cybersecurity faces increasingly
severe challenges. For instance, an attacker can combine individual attacks into complex …

On the detection of persistent attacks using alert graphs and event feature embeddings

B Burr, S Wang, G Salmon… - NOMS 2020-2020 IEEE …, 2020 - ieeexplore.ieee.org
Intrusion Detection Systems (IDS) generate a high volume of alerts that security analysts do
not have the resources to explore fully. Modelling attacks, especially the coordinated …

A hierarchical security event correlation model for real-time threat detection and response

H Maosa, K Ouazzane, MC Ghanem - Network, 2024 - mdpi.com
An intrusion detection system (IDS) performs postcompromise detection of security breaches
whenever preventive measures such as firewalls do not avert an attack. However, these …

Exploiting the outcome of outlier detection for novel attack pattern recognition on streaming data

M Heigl, E Weigelt, A Urmann, D Fiala, M Schramm - Electronics, 2021 - mdpi.com
Future-oriented networking infrastructures are characterized by highly dynamic Streaming
Data (SD) whose volume, speed and number of dimensions increased significantly over the …

Latent Semantic Analysis and Graph Theory for Alert Correlation: A Proposed Approach for IoT Botnet Detection

M Lefoane, I Ghafir, S Kabir, I Awan… - IEEE Open Journal …, 2024 - ieeexplore.ieee.org
In recent times, the proliferation of Internet of Things (IoT) technology has brought a
significant shift in the digital transformation of various industries. The enabling technologies …