{"title":"SecKG:利用知识图进行攻击检测和预测","authors":"Siwar Kriaa, Yahia Chaabane","doi":"10.1109/ICICS52457.2021.9464587","DOIUrl":null,"url":null,"abstract":"Advanced persistent threats targeting sensitive corporations, are becoming today stealthier and more complex, coordinating different attacks steps and lateral movements, and trying to stay undetected for long time. Classical security solutions that rely on signature-based detection can be easily thwarted by malware using obfuscation and encryption techniques. More recent solutions are using machine learning approaches for detecting outliers. Nevertheless, the majority of them reason on tabular unstructured data which can lead to missing obvious conclusions. We propose in this paper a novel approach that leverages a combination of both knowledge graphs and machine learning techniques to detect and predict attacks. Using Cyber Threat Intelligence (CTI), we built a knowledge graph that processes event logs in order to not only detect attack techniques, but also learn how to predict them.","PeriodicalId":421803,"journal":{"name":"2021 12th International Conference on Information and Communication Systems (ICICS)","volume":"106 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"SecKG: Leveraging attack detection and prediction using knowledge graphs\",\"authors\":\"Siwar Kriaa, Yahia Chaabane\",\"doi\":\"10.1109/ICICS52457.2021.9464587\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Advanced persistent threats targeting sensitive corporations, are becoming today stealthier and more complex, coordinating different attacks steps and lateral movements, and trying to stay undetected for long time. Classical security solutions that rely on signature-based detection can be easily thwarted by malware using obfuscation and encryption techniques. More recent solutions are using machine learning approaches for detecting outliers. Nevertheless, the majority of them reason on tabular unstructured data which can lead to missing obvious conclusions. We propose in this paper a novel approach that leverages a combination of both knowledge graphs and machine learning techniques to detect and predict attacks. Using Cyber Threat Intelligence (CTI), we built a knowledge graph that processes event logs in order to not only detect attack techniques, but also learn how to predict them.\",\"PeriodicalId\":421803,\"journal\":{\"name\":\"2021 12th International Conference on Information and Communication Systems (ICICS)\",\"volume\":\"106 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-05-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 12th International Conference on Information and Communication Systems (ICICS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICICS52457.2021.9464587\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 12th International Conference on Information and Communication Systems (ICICS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICS52457.2021.9464587","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
SecKG: Leveraging attack detection and prediction using knowledge graphs
Advanced persistent threats targeting sensitive corporations, are becoming today stealthier and more complex, coordinating different attacks steps and lateral movements, and trying to stay undetected for long time. Classical security solutions that rely on signature-based detection can be easily thwarted by malware using obfuscation and encryption techniques. More recent solutions are using machine learning approaches for detecting outliers. Nevertheless, the majority of them reason on tabular unstructured data which can lead to missing obvious conclusions. We propose in this paper a novel approach that leverages a combination of both knowledge graphs and machine learning techniques to detect and predict attacks. Using Cyber Threat Intelligence (CTI), we built a knowledge graph that processes event logs in order to not only detect attack techniques, but also learn how to predict them.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
