The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Use of Reconnaissance Patterns for Intelligent Monitoring Model
Abstract
The increasing number of computer security attacks and intrusions affect organizations around the globe. This situation made security event management become mainstream important. One method called reconnaissance is used by hackers to choose networks and domains to search for targets before an attack. Reconnaissance allows a hacker to identify targets to be attacked or used for launching attacks. The targets are systems or networks with vulnerabilities. In order to protect against potential attackers, it is necessary to understand their reconnaissance methods and reasons. For example, by knowing the hacker’s reconnaissance targets, network administrators and security staff can verify the targets and improve the security of the targets or the network. However monitoring and analysis of hacker’s reconnaissance patterns has to be done correctly and continuously to determine the impact they may have on the security management. Network administrators need automated and effective techniques for recognizing and analysis of the reconnaissance patterns. The paper discusses a method for intelligent monitoring of the reconnaissance patterns, identification, and selection of hacker’s reconnaissance patterns to be used as inputs to the security event management model.
|
|