Correlating Intrusion Detection with Attack Graph on Virtual Computer Networkings

Hanwen Zhang, Wenyong Wang, Lisheng Huang, Junrui Wu, Fengjun Zhang, Kai Shi

2023

Abstract

Securing a computer network requires the ability to gather and organise information about the potential vulnerabilities that exist in the system. One way of utilising this information is to generate an attack graph of all possible attack paths. Current attack graph generation methods run into scalability issues as the number of network devices and links grows, and one solution is to correlate the attack graph with intrusion detection systems. However, correlation techniques are rarely studied, especially for generating attack graphs on virtual computer networks, because correlation methods are difficult to integrate into existing attack graph generators. Previously we proposed mAGG, an attack graph generation framework for virtual networks, and LSAFID, an intrusion detection system based on doc-word. In this paper, we propose a new method for correlating an intrusion detection algorithm with attack graph generation on virtual networks. Our newly proposed method is flexible with respect to network architectures and functionalities, and reduces the scale of the generated attack graph.


Paper Citation


in Harvard Style

Zhang H., Wang W., Huang L., Wu J., Zhang F. and Shi K. (2023). Correlating Intrusion Detection with Attack Graph on Virtual Computer Networkings. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-624-8, pages 651-658. DOI: 10.5220/0011784100003405


in Bibtex Style

@conference{icissp23,
author={Hanwen Zhang and Wenyong Wang and Lisheng Huang and Junrui Wu and Fengjun Zhang and Kai Shi},
title={Correlating Intrusion Detection with Attack Graph on Virtual Computer Networkings},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2023},
pages={651-658},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011784100003405},
isbn={978-989-758-624-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Correlating Intrusion Detection with Attack Graph on Virtual Computer Networkings
SN - 978-989-758-624-8
AU - Zhang H.
AU - Wang W.
AU - Huang L.
AU - Wu J.
AU - Zhang F.
AU - Shi K.
PY - 2023
SP - 651
EP - 658
DO - 10.5220/0011784100003405