Hybrid attack path enumeration system based on reputation scores

Young Hoon Moon, Ji Hong Kim, Dong Seong Kim, Huy Kang Kim

    Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

    3 Citations (Scopus)

    Abstract

    As cyber-attack trends have shifted from volumetric attacks to multi-layered attacks, it is more difficult for IT administrators to find attack attempts within their systems and networks. However, vulnerability assessment is not easy due to the complex connections between multi-layered applications, servers, and networks. There are many security functionalities, but it is hard to apply strong security functionality to every information asset. In many cases, especially on devices with low computing power, authentication is the only or the first defense mechanism. Also, IT administrators continuously remove security vulnerabilities in applications, operating systems, and networks, but security vulnerabilities are repeatedly found due to vendors' lack of a security development process. To establish a practical security defense strategy in the multi-layered network environment, we propose an advanced attack path enumeration methodology based on IT assets' reputation and authentication scores. A predictive attack path enumeration based on our proposed method can help to find the best defense plan. We demonstrate our approach through the design and implementation of a Hacking response measurement system and a case study.

    Original language: English
    Title of host publication: Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016
    Publisher: Institute of Electrical and Electronics Engineers Inc.
    Pages: 241-248
    Number of pages: 8
    ISBN (Electronic): 9781509043149
    Publication status: Published - 2017 Mar 10
    Event: 16th IEEE International Conference on Computer and Information Technology, CIT 2016 - Nadi, Fiji
    Duration: 2016 Dec 7 to 2016 Dec 10

    Other

    Other: 16th IEEE International Conference on Computer and Information Technology, CIT 2016
    Country/Territory: Fiji
    City: Nadi
    Period: 16/12/7 to 16/12/10

    Keywords

    • Attack graph
    • Attack path enumeration
    • Automated defense

    ASJC Scopus subject areas

    • Software
    • Computer Science Applications
    • Computer Networks and Communications
    • Information Systems
    • Safety, Risk, Reliability and Quality
