[1] Gartner. Security Operations Primer for 2020 [EB/OL]. https://www.gartner.com/en/documents/3978969/security-operations-primer-for-2020, 2020-01-02/2021-03-07.

[2] Friedberg I, Skopik F, Settanni G, et al. Combating advanced persistent threats: From network event correlation to incident detection [J]. Computers & Security, 2015, 48(7): 35-57. doi: 10.1016/j.cose.2014.09.006

[3] Zhang R, Liu W, You Y, Xie F. Research on the automation capability levels and technology trends of AISecOps [J]. Netinfo Security (信息网络安全), 2020, 20(9): 22-26.

[4] Dang Y, Lin Q, Huang P. AIOps: Real-world challenges and research innovations [C]. 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), 2019: 4-5.

[5] Rowley J. The wisdom hierarchy: Representations of the DIKW hierarchy [J]. Journal of Information Science, 2007, 33(2): 163-180. doi: 10.1177/0165551506070706

[6] Noel S, Harley E, Tam K H, et al. Chapter 4 - CyGraph: Graph-Based Analytics and Visualization for Cybersecurity [M]. Handbook of Statistics. Elsevier, 2016: 117-167.

[7] The MITRE Corporation. MITRE ATT&CK Matrix for Enterprise [EB/OL]. https://attack.mitre.org/, 2020-10-27/2021-03-07.

[8] The MITRE Corporation. Common Attack Pattern Enumeration and Classification (CAPEC) [EB/OL]. https://capec.mitre.org/, 2021-02-25/2021-03-07.

[9] The MITRE Corporation. Common Weakness Enumeration (CWE) [EB/OL]. https://cwe.mitre.org/, 2021-01-18/2021-03-07.

[10] Grant T. Unifying planning and control using an OODA-based architecture [C]. Proceedings of the Annual Conference of the South African Institute of Computer Scientists and Information Technologists, 2005: 111-122.

[11] Zhang Z, Ho P H, He L. Measuring IDS-estimated attack impacts for rational incident response: A decision theoretic approach [J]. Computers & Security, 2009, 28(7): 605-614. doi: 10.1016/j.cose.2009.03.005

[12] Jajodia S, Noel S, Kalapa P, et al. Cauldron: Mission-centric cyber situational awareness with defense in depth [C]. 2011 - MILCOM 2011 Military Communications Conference, 2011: 1339-1344.

[13] Lee S, Kim S, Lee S, et al. LARGen: Automatic Signature Generation for Malwares Using Latent Dirichlet Allocation [J]. IEEE Transactions on Dependable and Secure Computing, 2018, 15(5): 771-783.

[14] Guo L, Cao Y, Su M, et al. Cyberspace resource surveying and mapping: Concepts and technologies [J]. Journal of Cyber Security (信息安全学报), 2018, 3(4): 1-14.

[15] Wang W, Sheng Y, Wang J, et al. HAST-IDS: Learning Hierarchical Spatial-Temporal Features Using Deep Neural Networks to Improve Intrusion Detection [J]. IEEE Access, 2018, 6(99): 1792-1806. doi: 10.1109/ACCESS.2017.2780250

[16] Liu F, Wen Y, Zhang D, et al. Log2vec: A Heterogeneous Graph Embedding Based Approach for Detecting Cyber Threats within Enterprise [C]. Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019: 1777-1794.

[17] Pei K, Gu Z, Saltaformaggio B, et al. HERCULE: Attack story reconstruction via community discovery on correlated log graph [C]. Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016: 583-595.

[18] Milajerdi S, Gjomemo R, Eshete B, et al. HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows [C]. 2019 IEEE Symposium on Security and Privacy (SP), 2019: 1137-1152.

[19] Hossain M N, Sheikhi S, Sekar R. Combating Dependence Explosion in Forensic Analysis Using Alternative Tag Propagation Semantics [C]. 2020 IEEE Symposium on Security and Privacy (SP), 2020: 1139-1155.

[20] Pitropakis N, Panaousis E, Giannakoulias A, et al. An Enhanced Cyber Attack Attribution Framework [C]. Trust, Privacy and Security in Digital Business, 2018: 213-228.

[21] Aminanto M E, Zhu L, Ban T, et al. Combating Threat-Alert Fatigue with Online Anomaly Detection Using Isolation Forest [C]. Neural Information Processing, 2019: 756-765.

[22] Friedberg I, Skopik F, Fiedler R. Cyber situational awareness through network anomaly detection: State of the art and new approaches [J]. e & i Elektrotechnik und Informationstechnik, 2015, 132(2): 101-105.

[23] Ghanem M C, Chen T M. Reinforcement Learning for Intelligent Penetration Testing [C]. 2018 Second World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), 2018: 185-192.

[24] Nespoli P, Papamartzivanos D, Mármol F G, et al. Optimal Countermeasures Selection Against Cyber Attacks: A Comprehensive Survey on Reaction Frameworks [J]. IEEE Communications Surveys & Tutorials, 2018, 20(2): 1361-1396.

[25] Roy A, Kim D S, Trivedi K S. Attack countermeasure trees (ACT): Towards unifying the constructs of attack and defense trees [J]. Security and Communication Networks, 2012, 5(8): 929-943. doi: 10.1002/sec.299