Citation: KOU Guang, WANG Shuo, TANG Guangming, “Research on Key Technologies of Network Security Situational Awareness for Attack Tracking Prediction,” Chinese Journal of Electronics, vol. 28, no. 1, pp. 162-171, 2019, doi: 10.1049/cje.2018.10.007
Bass T., "Intrusion detection systems & multisensory data fusion: Creating Cyberspace Situational Awareness", Communications of the ACM, Vol.43, No.4, pp.99-105, 2000.

D'Ambrosio B., "Security situation assessment and response evaluation (SSARE)", Proc. of DARPA Information Survivability Conference & Exposition Ⅱ, Washington, USA, pp.387-394, 2001.

Abad Cristina and Yurcik William, "UCLog+: A security situational awareness system for incident storage, querying, and correlation", Proc. of the 14th International Conference on Telecommunication Systems Modeling and Analysis, Washington, USA, pp.316-322, 2006.

Chen Xiuzhen, Zheng Qinhua and Guan Xiaohong, "Quantitative hierarchical threat evaluation model for network security", Journal of Software, Vol.17, No.4, pp.885-997, 2006.

Wei Yong, Lian Yifeng and Feng Dengguo, "A network security situational awareness model based on information fusion", Journal of Computer Research and Development, Vol.46, No.3, pp.353-362, 2009.

Xi Rongrong, Yun Xiaochun and Zhang Yongzheng, "An improved quantitative evaluation method for network security", Journal of Software, Vol.26, No.7, pp.1638-1649, 2015.

Zhang Yong, Tan Xiaobin and Cui Xiaolin, "Network security situation awareness approach based on Markov game model", Journal of Software, Vol.22, No.3, pp.495-508, 2011.

Xi Rongrong, Yun Xiaochun and Zhang Yongzheng, "An improved quantitative evaluation method for network security", Chinese Journal of Computers, Vol.38, No.4, pp.749-758, 2015.

Lv Huiying, Peng Wu and Wang Ruimei, "A real-time network threat recognition and assessment method based on association analysis of time and space", Journal of Computer Research and Development, Vol.51, No.5, pp.1039-1049, 2014.

Cyril Onwubiko and Thomas Owens, Situational Awareness in Computer Network Defense Principles, Methods and Applications, IGI Global Snippet, Hershey, USA, pp.125-137, 2012.

M Schiffman, "Common vulnerability scoring system version 2.0", available at http://www.first.org/cvss/cvss-guide.html, 2013-7-8.

Fatemeh Kavousi and Behzad Akbari, "Automatic learning of attack behavior patterns using Bayesian networks", Proc. of 6th International Symposium on Telecommunications, Washington, USA, pp.999-1004, 2012.

Sheyner O, Haines J and Jha S, "Automated generation and analysis of attack graphs", Proc. of IEEE Symp on Security and Privacy (S&P 2002), Piscataway, NJ, USA, pp.273-283, 2002.

Noel S., Jajodia S. and O'Berry B., "Efficient minimum-cost network hardening via exploit dependency graphs", Proc. of 19th Annual Computer Security Applications Conference (ACSAC'03), Los Alamitos, CA, USA, pp.86-95, 2002.

Wei Yong and Lian Yifeng, "A network security situational awareness model based on log audit and performance correction", Chinese Journal of Computers, Vol.32, No.4, pp.763-772, 2009.

S.J. Templeton and K. Levitt, "A requires/provides model for computer attacks", Proc. of New Security Paradigms Workshop, Cork, Ireland, pp.31-38, 2002.

P. Ning, Y. Cui and D.S. Reeves, "Techniques and tools for analyzing intrusion alerts", ACM Transactions on Information and System Security, Vol.7, No.2, pp.274-318, 2004.

Peng Ning and Y Cui, An Intrusion Alert Correlator Based on Prerequisites of Intrusion, Department of Computer Science, North Carolina State University, Raleigh, North Carolina, USA, pp.1-16, 2002.

Frederic Cuppens, "Managing alerts in multi-intrusion detection environment", Proc. of 17th Annual Computer Security Applications Conference, New Orleans, Louisiana, USA, pp.22-31, 2001.

Frederic Cuppens and Alexandre Miege, "Alert correlation in a cooperative intrusion detection framework", Proc. of 2002 IEEE Symposium on Security and Privacy, Berkeley, California, USA, pp.202-215, 2002.

Benferhat S., Autrel F. and Cuppens F., "Enhanced correlation in an intrusion detection process", Proc. of 2nd International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, St. Petersburg, Russia, pp.157-170, 2002.

Phillips C. and Swiler L.P., "A graph-based system for network vulnerability analysis", Proc. of 1998 Workshop on New Security Paradigms, New York, USA, pp.71-79, 1998.

Noel S., Jacobs M. and Kalapa P., "Multiple coordinated views for network attack graphs", Proc. of 2005 Workshop on Visualization for Computer Security, Piscataway, NJ, USA, pp.99-106, 2005.

TUO Yu-peng, ZHANG Yongzheng and YIN Tao, "Modeling and evaluating a cross-realm architecture for P2P botnet", Acta Electronica Sinica, Vol.46, No.4, pp.791-796, 2018.

LI Peng, WANG Zhen and XU He, "Intrusion detection methods based on incomplete RFID traces", Chinese Journal of Electronics, Vol.26, No.4, pp.675-680, 2017.