期刊文献+
共找到3篇文章
< 1 >
每页显示 20 50 100
Heuristic multistep attack scenarios construction based on kill chain
1
作者 Cheng Jie Zhang Ru +4 位作者 Wei Jiahui Lu Chen Lü Zhishuai Lin Bingjie Xia Ang 《The Journal of China Universities of Posts and Telecommunications》 EI CSCD 2023年第5期61-71,共11页
Network attacks evolved from single-step and simple attacks to complex multistep attacks.Current methods of multistep attack detection usually match multistep attacks from intrusion detection systems(IDS)alarms based ... Network attacks evolved from single-step and simple attacks to complex multistep attacks.Current methods of multistep attack detection usually match multistep attacks from intrusion detection systems(IDS)alarms based on the correlation between attack steps.However,IDS has false negatives and false positives,which leads to incomplete or incorrect multistep attacks.Association based on simple similarity is difficult to obtain an accurate attack cluster,while association based on prior knowledge such as attack graphs is difficult to guarantee a complete attack knowledge base.To solve the above problems,a heuristic multistep attack scenarios construction method based on the kill chain(HMASCKC)model was proposed.The attack model graph can be obtained from dual data sources and heuristic multistep attack scenarios can be obtained through graph matching.The model graph of the attack and the predicted value of the next attack are obtained by calculating the matching value.And according to the purpose of the multistep attack,the kill chain model is used to define the initial multistep attack model,which is used as the initial graph for graph matching.Experimental results show that HMASCKC model can better fit the multistep attack behavior,the effect has some advantages over the longest common subsequence(LCS)algorithm,which can close to or match the prediction error of judge evaluation of attack intension(JEAN)system.The method can make multistep attack model matching for unknown attacks,so it has some advantages in practical application. 展开更多
关键词 multistep attack scenario kill chain graph matching attack prediction
原文传递
An Improved Model of Attack Probability Prediction System
2
作者 WANG Hui LIU Shufen ZHANG Xinjia 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1498-1502,共5页
This paper presents a novel probability generation algorithm to predict attacks from an insider who exploits known system vulnerabilities through executing authorized operations. It is different from most intrusion de... This paper presents a novel probability generation algorithm to predict attacks from an insider who exploits known system vulnerabilities through executing authorized operations. It is different from most intrusion detection systems (IDSs) because these IDSs are inefficient to resolve threat from authorized insiders. To deter cracker activities, this paper introduces an improved structure of augmented attack tree and a notion of "minimal attack tree", and proposes a new generation algorithm of minimal attack tree. We can provide a quantitative approach to help system administrators make sound decision. 展开更多
关键词 atomic attack attack scenario attack tree
下载PDF
Social engineering in cybersecurity:a domain ontology and knowledge graph application examples 被引量:5
3
作者 Zuoguang Wang Hongsong Zhu +1 位作者 Peipei Liu Limin Sun 《Cybersecurity》 EI CSCD 2021年第1期480-500,共21页
Social engineering has posed a serious threat to cyberspace security.To protect against social engineering attacks,a fundamental work is to know what constitutes social engineering.This paper first develops a domain o... Social engineering has posed a serious threat to cyberspace security.To protect against social engineering attacks,a fundamental work is to know what constitutes social engineering.This paper first develops a domain ontology of social engineering in cybersecurity and conducts ontology evaluation by its knowledge graph application.The domain ontology defines 11 concepts of core entities that significantly constitute or affect social engineering domain,together with 22 kinds of relations describing how these entities related to each other.It provides a formal and explicit knowledge schema to understand,analyze,reuse and share domain knowledge of social engineering.Furthermore,this paper builds a knowledge graph based on 15 social engineering attack incidents and scenarios.7 knowledge graph application examples(in 6 analysis patterns)demonstrate that the ontology together with knowledge graph is useful to 1)understand and analyze social engineering attack scenario and incident,2)find the top ranked social engineering threat elements(e.g.the most exploited human vulnerabilities and most used attack mediums),3)find potential social engineering threats to victims,4)find potential targets for social engineering attackers,5)find potential attack paths from specific attacker to specific target,and 6)analyze the same origin attacks. 展开更多
关键词 Social engineering attack Cyber security Ontology Knowledge graph attack scenarios Threat analysis attack path attack model TAXONOMY Composition and structure
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部