Research Article
Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering
Table 1
The meaning of each attribute.
| | The attribute of an alarm | Meaning |
| | timestamp | The time when the attack occurred | | sIP | The source IP address | | dIP | The destination IP address | | sPort | The source port | | dPort | The destination port | | alarm_event | The IDS alarm event |
|
|
