Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function

Abstract : In this short article, a proposal to simulate a sophisticated attack on a technical infrastructure is discussed. Attacks on (critical) infrastructures can be modeled with attack trees, but regular (normal) attack trees have some limitation in the case of a sophisticated attack like an advanced persistent (sophisticated) attack. Furthermore, attacks can also be simulated to understand the type of attack, and in order to subsequently develop targeted countermeasures. In this case, a normal, and also a sophisticated attack, is typically carried out in three phases. In the first phase (I) extensive information is gathered about the target object. In the second phase (II), the existing information is verified with a target object scan. In the third phase (III), the actual attack takes place. A normal attack tree is not able to explain this kind of attack behavior. So, we advanced a normal attack tree, which uses conditional probability according to Bayes to go through a certain path - step by step - from the leaf to the root. The learning ability, which typically precedes an attack (phase II), is simulated using a genetic algorithm. To determine the attack, we used threat trees and threat actors. Threat actors are weighted by a function that is called criminal energy. In a first step, it proposes three types of threat actors. The vulnerabilities have been identified as examples for a laboratory network.
Type de document :
Communication dans un congrès
Stephanie Teufel; Tjoa A Min; Ilsun You; Edgar Weippl. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-8708, pp.250-256, 2014, Availability, Reliability, and Security in Information Systems. 〈10.1007/978-3-319-10975-6_19〉
Liste complète des métadonnées

Littérature citée [14 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01404000
Contributeur : Hal Ifip <>
Soumis le : lundi 28 novembre 2016 - 11:27:27
Dernière modification le : mardi 29 novembre 2016 - 01:04:50
Document(s) archivé(s) le : lundi 20 mars 2017 - 23:39:39

Fichier

978-3-319-10975-6_19_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Wolfgang Boehmer. Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function. Stephanie Teufel; Tjoa A Min; Ilsun You; Edgar Weippl. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-8708, pp.250-256, 2014, Availability, Reliability, and Security in Information Systems. 〈10.1007/978-3-319-10975-6_19〉. 〈hal-01404000〉

Partager

Métriques

Consultations de la notice

135

Téléchargements de fichiers

25