Research Article
Security Metric Methods for Network Multistep Attacks Using AMC and Big Data Correlation Analysis
Algorithm 4
Pseudocode for calculating ESP.
| Input: Real - time alert flow | | Output: Matrix B and threat ranking of absorbing alert nodes | | (1) Use Algorithm 1 to fuse original alert flow to generate different class clusters. | | (2) For to | | (3)where h is the number of clusters | | (4)Use Algorithm 2 to construct n×n transition probability matrix P of . | | (5)Generate matrix Q and matrix R from P according to Definition 2. | | (6)Calculate matrix . | | (7)For to | | (8)Rank in value decreasing. | | (9)Return matrix B and the node ranking. | | (10)End | | (11) End |
|
