Network Forensic Analysis via Vulnerability Evidence Reasoning

Cited by: 0
Authors
Chang, Cheng-Yue [1 ]
He, Jing-Sha
Affiliations
[1] Beijing Univ Technol, Sch Software Engn, Beijing 100124, Peoples R China
Keywords
network forensics; evidence graph; event vector; vulnerability evidence reasoning
DOI
Not available
Chinese Library Classification number
TP301 [Theory, Methods]
Discipline classification code
081202
Abstract
In this article, we propose a novel method that uses vulnerability evidence reasoning in network forensics analysis. Central to our method is the evidence graph model to support evidence presentation and reasoning. Based on the evidence graph, we propose a network forensics method that builds the evidence graph on the basis of the network system vulnerabilities and environmental information. At the same time, the proposed method can realize the reconstruction of attack scenarios with high efficiency and with the capability of identifying multi-staged attacks through evidence reasoning. Results of the experiment that we conducted show that the proposed method is complete and credible with certain reasoning ability, which can be a powerful tool for rapid and effective network forensic analysis.
Pages: 245 - 249
Page count: 5