Terrain and behavior modeling for projecting multistage cyber attaacks

Show full item record

Title: Terrain and behavior modeling for projecting multistage cyber attaacks
Author: Fava, Daniel; Holsopple, Jared; Yang, Shanchieh; Argauer, Brian
Abstract: Contributions from the information fusion community have enabled comprehensible traces of intrusion alerts occurring on computer networks. Traced or tracked cyber attacks are the bases for threat projection in this work. Due to its complexity, we separate threat projection into two subtasks: predicting likely next targets and predicting attacker behavior. A virtual cyber terrain is proposed for identifying likely targets. Overlaying traced alerts onto the cyber terrain reveals exposed vulnerabilities, services, and hosts. Meanwhile, a novel attempt to extract cyber attack behavior is discussed. Leveraging traditional work on prediction and compression, this work identifies behavior patterns from traced cyber attack data. The extracted behavior patterns are expected to further refine projections deduced from the cyber terrain.
Record URI: http://hdl.handle.net/1850/10749
Date: 2007-07-09

Files in this item

Files Size Format View
SYangConfProc07-9-2007.pdf 196.8Kb PDF View/Open

The following license files are associated with this item:

This item appears in the following Collection(s)

Show full item record

Search RIT DML


Advanced Search

Browse