G-CAS: Greedy Algorithm-Based Security Event Correlation System for Critical Infrastructure Network
| Autor: | Teng Hu, Peng Lu, Ruobin Zhang, Hao Wang, Guo Wu |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2021 |
| Předmět: |
Science (General)
Article Subject Computer Networks and Communications Computer science Distributed computing Critical infrastructure Tree (data structure) Q1-390 Correlation analysis T1-995 Event correlation Dimension (data warehouse) Focus (optics) Greedy algorithm Event analysis Technology (General) Information Systems |
| Zdroj: | Security and Communication Networks, Vol 2021 (2021) |
| ISSN: | 1939-0114 |
| DOI: | 10.1155/2021/3566360 |
| Popis: | The attacks on the critical infrastructure network have increased sharply, and the strict management measures of the critical infrastructure network have caused its correlation analysis technology for security events to be relatively backward; this makes the critical infrastructure network’s security situation more severe. Currently, there is no common correlation analysis technology for the critical infrastructure network, and most technologies focus on expanding the dimension of data analysis, but with less attention to the optimization of analysis performance. The analysis performance does not meet the practical environment, and real-time analysis is even more impossible; as a result, the efficiency of security threat detection is greatly declined. To solve this issue, we propose the greedy tree algorithm, a correlation analysis approach based on the greedy algorithm, which optimizes event analysis steps and significantly improves the performance, so the real-time correlation analysis can be realized. We first verify the performance of the algorithm through formalization, and then the G-CAS (Greedy Correlation Analysis System) is implemented based on this algorithm and is applied in a real critical infrastructure network, which outperformed the current mainstream products. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|
Plný text