Research Article
Security Metric Methods for Network Multistep Attacks Using AMC and Big Data Correlation Analysis
Algorithm 4
Pseudocode for calculating ESP.
Input: Real - time alert flow | Output: Matrix B and threat ranking of absorbing alert nodes | (1) Use Algorithm 1 to fuse original alert flow to generate different class clusters. | (2) For to | (3)where h is the number of clusters | (4)Use Algorithm 2 to construct n×n transition probability matrix P of . | (5)Generate matrix Q and matrix R from P according to Definition 2. | (6)Calculate matrix . | (7)For to | (8)Rank in value decreasing. | (9)Return matrix B and the node ranking. | (10)End | (11) End |
|