Network forensic analysis is a process that analyzes intrusion evidence captured from a networked environment to identify suspicious entities and stepwise actions in an attack scenario. Unfortunately, the overwhelming amount and low quality of output from security sensors make it difficult for analysts to obtain a succinct high-level view of complex multi-stage intrusions. This dissertation presents a novel graph-based network forensic analysis system. The evidence graph model provides an intuitive representation of collected evidence as well as the foundation for forensic analysis. Based on the evidence graph, we develop a set of analysis components in a hierarchical reasoning framework. Local reasoning utilizes fuzzy inference to infer the ...
The 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS 2016), Larnac...
In this paper we tackle the problem of performing graph based network forensics analysis at a large ...
Network forensics investigates a network attack by tracing the source of the attack and attributing ...
We develop a prototype network forensics analysis tool that integrates presentation, manipulation an...
Part 5: NETWORK FORENSICS. Probabilistic evidence graphs can be used to model ne...
As the Internet becomes larger in scale, more complex in structure and more diversified in traffic, ...
The development of technology in computer networks has increased the percentage of cyber-attacks and...
Preface on the 5th International Workshop on Traffic Measurements for Cybersecurity (10.1109/EuroSPW...
This paper presents a graph-based approach to network vulnerability analysis. The method is flexible...
When analyzing the security of activities in a highly distributed system, an a...
The task of generating network-based evidence to support network forensic investigation is becoming ...
Even though network traffic is typically encrypted, and it is almost impossible to look into the con...
Constructing an efficient and accurate model from security events to determine an attack scenario fo...
This paper presents a graph based approach to network vulnerability analysis. The method is flexible...