Alert-driven attack graph generation using S-PDFA

A Nadeem, S Verwer, S Moskal… - IEEE transactions on …, 2021 - ieeexplore.ieee.org
Ideal cyber threat intelligence (CTI) includes insights into attacker strategies that are specific
to a network under observation. Such CTI currently requires extensive expert input for …

SoK: Pragmatic assessment of machine learning for network intrusion detection

G Apruzzese, P Laskov… - 2023 IEEE 8th European …, 2023 - ieeexplore.ieee.org
Machine Learning (ML) has become a valuable asset to solve many real-world tasks. For
Network Intrusion Detection (NID), however, scientific advances in ML are still seen with …

Tasharok: Using mechanism design for enhancing security resource allocation in interdependent systems

M Abdallah, D Woods, P Naghizadeh… - … IEEE Symposium on …, 2022 - ieeexplore.ieee.org
We consider interdependent systems managed by multiple defenders that are under the
threat of stepping-stone attacks. We model such systems via game-theoretic models and …

Critical Path Prioritization Dashboard for Alert-driven Attack Graphs

SL Díaz, S Pastrana, A Nadeem - arXiv preprint arXiv:2310.13079, 2023 - arxiv.org
Although intrusion alerts can provide threat intelligence regarding attacker strategies,
extracting such intelligence via existing tools is expensive and time-consuming. Earlier work …

SecMonS: A Security Monitoring Framework for IEC 61850 Substations Based on Configuration Files and Logs

O Duman, M Zhang, L Wang, M Debbabi - International Conference on …, 2024 - Springer
Substations are critical components of the smart grid since compromising them can lead to
significant consequences, such as blackouts. Threat modeling aims to model different ways …

Prescriptive Analytics-based Robust Decision-Making Model for Cyber Disaster Risk Reduction

J Ponnoly, J Puthenveetil… - 2024 IEEE 3rd International …, 2024 - ieeexplore.ieee.org
Decision-making in cyber security attack scenarios involves deep uncertainty and
adversarial decision-making. Robust Decision Making (RDM) uses a structured approach to …

Learning about the adversary

A Nadeem, S Verwer, SJ Yang - … Intelligent Cyber Defense Agent (AICA) A …, 2023 - Springer
The evolving nature of the tactics, techniques, and procedures used by cyber adversaries
has made signature and template based methods of modeling adversary behavior almost …

Effects of Behavioral Decision-Making in Game-theoretic Frameworks for Security Resource Allocation in Networked Systems

M Abdallah - 2022 - hammer.purdue.edu
Facing increasingly sophisticated attacks from external adversaries, interdependent systems
owners have to judiciously allocate their (often limited) security budget in order to reduce …

Inferring Attack Paths in Networks with Periodic Topology Changes

F Hao, Z Wang, M Shi, T Peng… - 2022 IEEE Smartworld …, 2022 - ieeexplore.ieee.org
The attack graph model is an effective method for analyzing multi-step attacks. Most existing
related works only focus on networks with static topology and are unsuitable for the satellite …

Investigating the Impact of Sink State Merging on Alert-Driven Attack Graphs

A Dumitriu - Delft University of Technology, 2023 - repository.tudelft.nl
This research paper focuses on the complex domain of alert-driven attack graphs. SAGE is a
tool which generates such attack graphs (AGs) by using a suffix-based probabilistic …