Abstract
Aiming at the current network security problems, we propose a network attack recognition method based on probability target graph. Based on the target graph, this method replaces the state nodes with the target nodes and adds the observation nodes, and constructs a new structure named probability target graph (PTG). The probability distribution of observed actions is calculated by background knowledge, and then the probability value of each target node is calculated. The target with the highest probability value is the target to be attacked by the intruders. Due to the uncertainty of the network environment, attackers will also deliberately hide their behaviors, so by adding probability values to the target graph, some observable actions can be effectively identified. At the same time, we build the knowledge base based on the causal network, which provides help for the alarm correlation analysis, and can more effectively analyze the attack plan and predict the next actions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Geib, C.W., Goldman, R.P.: Plan recognition in intrusion detection systems. In: DARPA Information Survivability Conference and Exposition (DISCEX-2001). Anaheim, California, pp. 46–55 (2001)
Lei, W.: Research and Implementation of the Program Recognition Model Based on Behavior State Diagram. Northeast normal university, ChangChun (2007)
Wu, P., Shu-ping, Y.: Research on intrusion intention identification based on probabilistic reasoning. Comput. Sci. 37(1), 79–82 (2010)
Jian-Wei, Z., Hui, H.X., Zhi-Yuan, Y., et al.: A network attack plan recognition algorithm based on the extended target graph. Chin. J. Comput. 29(8), 1356–1366 (2006)
Jili, Y., Ying, L., Jinyan, W., et al.: A recognition approach for adversarial planning based on complete target graph. In: 2007 International Conference on Computational Intelligence and Security, pp 286–290 (2007)
Lazarevic, A., Kumar, V., Srivastava, J.: Intrusion detection: a survey. Managing Cyber Threats, 19–78 (2008)
Wenxiang, G., Ying, L.: Recognize and Respond to Adversary Planning, pp. 275–276. Science Press, Beijing (2016)
Xiao, F., Li, X.: Security alert correlation: a survey. Comput. Sci. 37(5), 9–14 (2010)
Liu, Y., Wen-xiang, G.: An effective recognition method for network attack. OPTIK 124(2013), 4823–4826 (2013)
Ying, L., Wenxiang, G.: A plan recognition algorithm based on the probabilistic goal graph. In: 2011 International Conference on Network Computing and Information Security, pp. 359–361 (2011)
Acknowledgments
This research was funded by the “13th five-year” Science and Technology Project of Jilin Education Department: JJKH20190356KJ.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, Y., Zheng, Y. (2021). A Network Attack Recognition Method Based on Probability Target Graph. In: Tavana, M., Nedjah, N., Alhajj, R. (eds) Emerging Trends in Intelligent and Interactive Systems and Applications. IISA 2020. Advances in Intelligent Systems and Computing, vol 1304. Springer, Cham. https://doi.org/10.1007/978-3-030-63784-2_96
Download citation
DOI: https://doi.org/10.1007/978-3-030-63784-2_96
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-63783-5
Online ISBN: 978-3-030-63784-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)