Research Article
Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering
Table 1
The meaning of each attribute.
| The attribute of an alarm | Meaning |
| --- | --- |
| timestamp | The time when the attack occurred |
| sIP | The source IP address |
| dIP | The destination IP address |
| sPort | The source port |
| dPort | The destination port |
| alarm_event | The IDS alarm event |