Securing the Cyber Supply Chain: A Risk-based Approach to Threat Assessment and Mitigation
L. Prathyusha, Vadlamudi Jhansi, A. Madhuri, E. Jyothi, Sampreeth Chowdary, S. Sindhura
2023 4th International Conference on Electronics and Sustainable Communication Systems (ICESC), published 2023-07-06
DOI: 10.1109/ICESC57686.2023.10193255 (https://doi.org/10.1109/ICESC57686.2023.10193255)
Citation count: 0
Abstract
The Cyber Supply Chain (CSC) is a complex system consisting of several subsystems, each with a distinct set of responsibilities. Securing the supply chain is a challenge because vulnerabilities and threats are present throughout the system and have the potential to be exploited at any time, considering that any component of the system is susceptible to such attacks. As a result, supply chain security is difficult to achieve. This has the potential to create a significant interruption to the overall continuity of the company. Therefore, it is of the utmost importance to identify the hazards and make educated guesses about their likely outcomes so that organizations can take the appropriate precautions to ensure the safety of their supply chains. By leveraging a range of factors, such as the expertise and incentives of threat actors, Tactics, Techniques, and Procedures (TTP), and Indicators of Compromise (IoC), the analysis of Cyber Threat Intelligence (CTI) offers valuable information on both identified and unidentified cybersecurity threats. The purpose of this article is to investigate and predict potential threats in order to increase the safety of the cyber supply chain. We employ CTI and Machine Learning (ML) approaches to study and forecast the risks based on the CTI attributes. This makes it possible to detect the inherent CSC vulnerabilities, which enables suitable control. To enhance the overall security of computer systems, it is imperative to implement specific actions, including the collection of CTI data and the adoption of various machine learning techniques. These techniques encompass Logistic Regression (LR), Support Vector Machine (SVM), Random Forest (RF), Decision Tree (DT), Cat Boost, and Gradient Boost, which are employed in analyzing the Microsoft Malware Prediction dataset to create predictive analytics. This is done in order to illustrate that the technique can be applied to a variety of situations. As input parameters, the experiment takes into account the attack and the TTP, while as output parameters, it takes into account vulnerabilities and Indicators of Compromise (IoC). According to the findings of the investigation, the most foreseen dangers in CSC are spyware and ransomware, as well as spear phishing. When it came to forecasting vulnerabilities, the predictive models that were produced using the Random Forest algorithm obtained the best accuracy rate of 91%, while the predictive models that were developed using the LR method earned the highest accuracy rate of 86%. In light of the results, the paper strongly advises putting appropriate controls into place in order to combat these dangers. The paper strongly recommends that the ML predictive model make use of CTI data in order to improve the CSC's cyber security on the whole.