Authors: Ian Herwono and Fadi Ali El-Moussa

Affiliation: BT, United Kingdom

Keyword(s): Cyber Security, Attack Patterns, Pattern Recognition System, Knowledge Sharing.

Related Ontology Subjects/Areas/Topics: Internet Technology ; Intrusion Detection and Response ; Web Information Systems and Technologies

Abstract: Cyber-attacks that are conducted in multiple stages over short or long periods of time are becoming more common. One approach for detecting such attacks at an early stage is to make use of attack patterns and attack signatures to provide a structure for correlating events collected from various sensors in the network. In this paper, we present our ongoing work on a pattern recognition system that aims to support cyber-defence analysts in sharing their attack knowledge and threat intelligence in the form of attack patterns or scenarios that can later be used to discover potential security breaches in their network. Our main goal is to allow the analysts to associate the attack patterns with their own organisation’s security data and thus benefit from the collective attack knowledge without revealing any confidential information. We present the architecture of the system and describe a typical process for modelling multi-stage attacks. We demonstrate how its analytics engine interprets an attack pattern, tasks the data source agents to fetch and correlate relevant security events, and reports the results back for visualisation and further investigation.

CC BY-NC-ND 4.0

Paper citation in several formats:
Herwono, I. and El-Moussa, F. (2017). A Collaborative Tool for Modelling Multi-stage Attacks. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-209-7; ISSN 2184-4356, SciTePress, pages 312-317. DOI: 10.5220/0006137103120317

@conference{icissp17,
author={Ian Herwono and Fadi Ali El{-}Moussa},
title={A Collaborative Tool for Modelling Multi-stage Attacks},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP},
year={2017},
pages={312-317},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006137103120317},
isbn={978-989-758-209-7},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP
TI - A Collaborative Tool for Modelling Multi-stage Attacks
SN - 978-989-758-209-7
IS - 2184-4356
AU - Herwono, I.
AU - El-Moussa, F.
PY - 2017
SP - 312
EP - 317
DO - 10.5220/0006137103120317
PB - SciTePress