@inproceedings{amos-binks_clark_weston_winters_harfoush_2017, title={Efficient attack plan recognition using automated planning}, DOI={10.1109/iscc.2017.8024656}, abstractNote={Network attacks are becoming ever more sophisticated and are able to hide more easily in the increasing amount of traffic being generated by everyday activity. Administrators are placed in the unfortunate position of distinguishing between the two. The attack graph has been in use for some time because it provides a concise knowledge representation, and has had successful security metrics developed from it. Previous methods of attack plan recognition have relied on statistical inference to capture network attacks, however they are computationally expensive and can fail to capture obvious cause and effect relationships. In this paper, we use automated planning to capture new properties of attack graphs and use it for plan recognition. Experimental results demonstrate the efficacy of our approach.}, booktitle={2017 ieee symposium on computers and communications (iscc)}, author={Amos-Binks, A. and Clark, J. and Weston, K. and Winters, M. and Harfoush, K.}, year={2017}, pages={1001–1006} }