Intrusion alert prioritisation and attack detection using post-correlation analysis
- Submitting institution
- City, University of London
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 750
- Type
- D - Journal article
- DOI
- 10.1016/j.cose.2014.12.003
- Title of journal
- Computers and Security
- Article number
- -
- First page
- 1
- Volume
- 50
- Issue
- -
- ISSN
- 0167-4048
- Open access status
- Out of scope for open access requirements
- Month of publication
- January
- Year of publication
- 2015
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
- 4
- Research group(s)
-
-
- Citation count
- 22
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- The output presents a novel approach to identifying network attacks from alert logs, showing measurable improvements to existing methods. The output has been cited in significant work in the cyber security and manufacturing sectors (e.g. Alhaj et al. 2016; De Alvarenga et al. 2018; Barzegar & Shajari 2018; Bajtoš et al. 2020). The presented approach was supported by BT, led to a PhD studentship and was incorporated into BT's SATURN Cyber Analytics platform (contact Prof. Ben Azvine, Global Head of Security Research, BT). SATURN has been licensed by QiO Technologies, a leading supplier of AI and analytics software for industry and manufacturing companies (https://www.enterprisetimes.co.uk/2019/03/25/qio-licenses-bts-saturn-cyber-analytics/).
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -