Awan, Malik Shahzad, Burnap, Peter and Rana, Omer Farooq 2015. Estimating risk boundaries for persistent and stealthy cyber-attacks. Presented at: 22nd ACM Conference on Computer and Communications Security, Denver Colorado, USA, 12-16 October 2015. SafeConfig '15 Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense. ACM, pp. 15-20. 10.1145/2809826.2809830
Increasingly mature, stealthy and dynamic techniques and attack vectors used by cyber criminals have made network infrastructure more vulnerable to security breaches. Moreover, cyber-attacks involving advanced evasion techniques often bypass security controls, and even if detected at a later time could still remain in the system for a long time without any monitorable trace. Such types of cyber-attacks are costing organizations across the globe billions of dollars. This dynamic and complex threat landscape demands that a network administrator understand the nature, patterns and risks of cyber-attacks targeting the network infrastructure so that appropriate measures can be introduced. In this paper we: (i) propose a framework to formally characterize the features of such advanced persistent threats, (ii) propose a security metric to calculate risk based on characteristics of such threats, and (iii) estimate risk boundaries for persistent and stealthy cyber-attacks. We validate and analyze the application of our proposed risk framework using real-world traffic logs acquired from an Intrusion Detection/Prevention System.
Item Type: Conference or Workshop Item (Paper)
Schools: Computer Science & Informatics
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science; Q Science > QA Mathematics > QA76 Computer software
Last Modified: 30 Apr 2016 03:38