Difficulty-level metric for cyber security training
Zequn Huang, Chien-Chung Shen, S. Doshi, Nimmi Thomas, Ha Duong
2015 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision, 2015-03-09
DOI: 10.1109/COGSIMA.2015.7108194 (https://doi.org/10.1109/COGSIMA.2015.7108194)
Citations: 5
Abstract
Cyber security training systems work as a suitable learning environment for educating cyber analysts on how to detect and defend before real cyber attacks happen. As training is an iterative process, the assessment component not only assesses the knowledge gained by the cyber analysts, but also adjusts the difficulty of training lessons based on the analysts' performance. In this paper, we present an attack graph-based probabilistic metric to measure lesson scenarios' difficulty levels. Based on causal relationships between vulnerabilities in an attack graph, we apply Bayesian Reasoning to aggregate individual vulnerabilities into a probabilistic value representing the attacker's likelihood of achieving the attack goal. However, one major complication of using Bayesian Reasoning is that it does not allow for cycles, which exist in attack graphs. We identify different types of cycles in the attack graphs and propose an efficient algorithm to remove cycles while preserving cyclic influence in the probability calculation.