Skip to Main content Skip to Navigation
Conference papers

Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function

Abstract : In this short article, a proposal to simulate a sophisticated attack on a technical infrastructure is discussed. Attacks on (critical) infrastructures can be modeled with attack trees, but regular (normal) attack trees have some limitation in the case of a sophisticated attack like an advanced persistent (sophisticated) attack. Furthermore, attacks can also be simulated to understand the type of attack, and in order to subsequently develop targeted countermeasures. In this case, a normal, and also a sophisticated attack, is typically carried out in three phases. In the first phase (I) extensive information is gathered about the target object. In the second phase (II), the existing information is verified with a target object scan. In the third phase (III), the actual attack takes place. A normal attack tree is not able to explain this kind of attack behavior. So, we advanced a normal attack tree, which uses conditional probability according to Bayes to go through a certain path - step by step - from the leaf to the root. The learning ability, which typically precedes an attack (phase II), is simulated using a genetic algorithm. To determine the attack, we used threat trees and threat actors. Threat actors are weighted by a function that is called criminal energy. In a first step, it proposes three types of threat actors. The vulnerabilities have been identified as examples for a laboratory network.
Complete list of metadata

Cited literature [14 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, November 28, 2016 - 11:27:27 AM
Last modification on : Thursday, March 5, 2020 - 4:47:11 PM
Long-term archiving on: : Monday, March 20, 2017 - 11:39:39 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Wolfgang Boehmer. Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. pp.250-256, ⟨10.1007/978-3-319-10975-6_19⟩. ⟨hal-01404000⟩



Record views


Files downloads