Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function - Availability, Reliability, and Security in Information Systems
Conference Papers Year : 2014

Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function

Abstract

In this short article, a proposal to simulate a sophisticated attack on a technical infrastructure is discussed. Attacks on (critical) infrastructures can be modeled with attack trees, but regular (normal) attack trees have some limitation in the case of a sophisticated attack like an advanced persistent (sophisticated) attack. Furthermore, attacks can also be simulated to understand the type of attack, and in order to subsequently develop targeted countermeasures. In this case, a normal, and also a sophisticated attack, is typically carried out in three phases. In the first phase (I) extensive information is gathered about the target object. In the second phase (II), the existing information is verified with a target object scan. In the third phase (III), the actual attack takes place. A normal attack tree is not able to explain this kind of attack behavior. So, we advanced a normal attack tree, which uses conditional probability according to Bayes to go through a certain path - step by step - from the leaf to the root. The learning ability, which typically precedes an attack (phase II), is simulated using a genetic algorithm. To determine the attack, we used threat trees and threat actors. Threat actors are weighted by a function that is called criminal energy. In a first step, it proposes three types of threat actors. The vulnerabilities have been identified as examples for a laboratory network.
Fichier principal
Vignette du fichier
978-3-319-10975-6_19_Chapter.pdf (189.86 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01404000 , version 1 (28-11-2016)

Licence

Identifiers

Cite

Wolfgang Boehmer. Towards Analysis of Sophisticated Attacks, with Conditional Probability, Genetic Algorithm and a Crime Function. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. pp.250-256, ⟨10.1007/978-3-319-10975-6_19⟩. ⟨hal-01404000⟩
198 View
123 Download

Altmetric

Share

More