APIN: Automatic Attack Path Identification in Computer Networks
作者: Eric Ficke , Shouhuai Xu
DOI: 10.1109/ISI49825.2020.9280547
关键词:
摘要: Identifying the scope of a network attack can be difficult with limited information about nature attack. Even more is automation this process. Because this, it important to investigate new methods for mapping and quantifying threat posed by an attack, in order prioritize actions during incident response. To end we propose framework automatic path identification computer networks (APIN) leveraging observable malicious behaviors quantify score set attacks. Using two academic datasets, experimental results show that APIN able quickly reconstruct paths offer meaningful insight into multi-step threats on network, given only reasonable restrictions size structure. These insights would not possible existing tools, such as IDSs, human analysts require significant time expertise obtain same findings without APIN’s guidance.
sci-hub.st 参考文章(35)
Jose Andre Morales, Areej Al-Bataineh, Shouhuai Xu, Ravi Sandhu, Analyzing and Exploiting Network Behaviors of Malware international conference on security and privacy in communication systems. pp. 20- 34 ,(2010) , 10.1007/978-3-642-16161-2_2
Yu-Zhong Chen, Zi-Gang Huang, Shouhuai Xu, Ying-Cheng Lai, Spatiotemporal Patterns and Predictability of Cyberattacks PLOS ONE. ,vol. 10, pp. e0124472- ,(2015) , 10.1371/JOURNAL.PONE.0124472
Shouhuai Xu, Wenlian Lu, Zhenxin Zhan, A Stochastic Model of Multivirus Dynamics IEEE Transactions on Dependable and Secure Computing. ,vol. 9, pp. 30- 45 ,(2012) , 10.1109/TDSC.2011.33
Robin Sommer, Vern Paxson, Outside the Closed World: On Using Machine Learning for Network Intrusion Detection ieee symposium on security and privacy. pp. 305- 316 ,(2010) , 10.1109/SP.2010.25
Xiaohu Li, P Parker, Shouhuai Xu, A Stochastic Model for Quantitative Security Analyses of Networked Systems IEEE Transactions on Dependable and Secure Computing. ,vol. 8, pp. 28- 43 ,(2011) , 10.1109/TDSC.2008.75
Richard Lippmann, Joshua W Haines, David J Fried, Jonathan Korba, Kumar Das, The 1999 DARPA off-line intrusion detection evaluation recent advances in intrusion detection. ,vol. 34, pp. 579- 595 ,(2000) , 10.1016/S1389-1286(00)00139-0
Zhenxin Zhan, Maochao Xu, Shouhuai Xu, Predicting Cyber Attack Rates With Extreme Values IEEE Transactions on Information Forensics and Security. ,vol. 10, pp. 1666- 1677 ,(2015) , 10.1109/TIFS.2015.2422261
An Extended Stochastic Model for Quantitative Security Analysis of Networked Systems Internet Mathematics. ,vol. 8, pp. 288- 320 ,(2012) , 10.1080/15427951.2012.654480
Jose Andre Morales, Michael Main, Weiliang Luo, Shouhuai Xu, Ravi Sandhu, Building malware infection trees international conference on malicious and unwanted software. pp. 50- 57 ,(2011) , 10.1109/MALWARE.2011.6112326
Samant Saurabh, Ashok Singh Sairam, A more accurate completion condition for attack-graph reconstruction in Probabilistic Packet Marking algorithm national conference on communications. pp. 1- 5 ,(2013) , 10.1109/NCC.2013.6488043