A robust algorithm for predicting attacks using collaborative security logs

Amir Rezapour, Wen Guey Tzeng

研究成果: Article同行評審

摘要

As networks become ubiquitous in our daily lives, users rely more on networks for exchanging data and communication. However, numerous new and sophisticated attacks that endanger security of users have been reported. In practice, blacklisting illicit sources has been a fundamental defense strategy in recent years. In this paper, we propose a predictor that is based on the observations from a centralized log-sharing infrastructure. Our observations include the direct relation between attackers and victims, victim similarities, and attacker correlations. We compile a customized blacklist for each Dshield.org contributor using a weighted function of direct and indirect relations between victims and attackers. This list not only offers a significantly higher prediction ratio, but also includes source addresses with potentially higher threats. We evaluate our predictor using two months of malicious activities acquired from Dshield.org. The experimental results demonstrate a significant improvement over previous algorithms.

原文English
頁(從 - 到)597-619
頁數23
期刊Journal of Information Science and Engineering
36
發行號3
DOIs
出版狀態Published - 五月 2020

指紋

深入研究「A robust algorithm for predicting attacks using collaborative security logs」主題。共同形成了獨特的指紋。

引用此