Summary: Extracting Attack Knowledge Using Principal-subordinate Consequence
Tagging Case Grammar and Alerts Semantic Networks
Wei Yan, Edwin Hou, Nirwan Ansari
Advanced Networking Laboratory
Department of Electrical and Computer Engineering
New Jersey Institute of Technology
Newark, NJ 07102
Email: {wy3, hou, nirwan.ansari}@njit.edu
I. INTRODUCTION
As more and more network facilities are connected to
the Internet, protecting networks from Distributed
Denial of Service (DDoS) attacks has become a
critical issue that must be tackled by security
administrators. Intrusion Detection Systems (IDSs)
are used to protect computer networks. However, IDSs
can generate a huge volume of alerts due to
elementary alerts and/or false alarms. Furthermore, the
overwhelming volume of alerts makes it difficult for
security administrators to analyze and extract the
attack knowledge, therefore hampering network attack