Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 8708)

Abstract

In this short article, a proposal to simulate a sophisticated attack on a technical infrastructure is discussed. Attacks on (critical) infrastructures can be modeled with attack trees, but regular (normal) attack trees have some limitations in the case of a sophisticated attack such as an advanced persistent (sophisticated) attack. Furthermore, attacks can also be simulated to understand the type of attack and to subsequently develop targeted countermeasures. A normal attack, and also a sophisticated attack, is typically carried out in three phases. In the first phase (I), extensive information is gathered about the target object. In the second phase (II), the existing information is verified with a target object scan. In the third phase (III), the actual attack takes place. A normal attack tree is not able to explain this kind of attack behavior. We therefore extended the normal attack tree so that it uses conditional probability according to Bayes to go through a certain path, step by step, from the leaf to the root. The learning ability, which typically precedes an attack (phase II), is simulated using a genetic algorithm. To determine the attack, we used threat trees and threat actors. Threat actors are weighted by a function that is called criminal energy. As a first step, the article proposes three types of threat actors. The vulnerabilities have been identified as examples for a laboratory network.


Author information

Authors and Affiliations

  1. Technische Universität Darmstadt, Morneweg Str. 30, CASED building, D-64293, Darmstadt, Germany

    Wolfgang Boehmer

Editor information

Editors and Affiliations

  1. iimt - international institute of management in technology, University of Fribourg, 1700, Fribourg, Switzerland

    Stephanie Teufel

  2. Institute of Software Technology and Interactive Systems, Vienna University of Technology, 1040, Vienna, Austria

    Tjoa A Min

  3. School of Informatic Science, Korean Bible University, Seoul, South Korea

    Ilsun You

  4. Institute of Software Technology in Interactive Systems, Vienna University of Technology and SBA Research, 1040, Vienna, Austria

    Edgar Weippl

Copyright information

© 2014 IFIP International Federation for Information Processing

About this paper

Cite this paper

Boehmer, W. (2014). Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function. In: Teufel, S., Min, T.A., You, I., Weippl, E. (eds) Availability, Reliability, and Security in Information Systems. CD-ARES 2014. Lecture Notes in Computer Science, vol 8708. Springer, Cham. https://doi.org/10.1007/978-3-319-10975-6_19
