at&ck本体的设计及其在网络安全中的应用

Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy Pub Date : 2023-04-24 DOI:10.1145/3577923.3585051

Khandakar Ashrafi Akbar, Sadaf Md Halim, A. Singhal, Basel Abdeen, L. Khan, B. Thuraisingham

{"title":"at&ck本体的设计及其在网络安全中的应用","authors":"Khandakar Ashrafi Akbar, Sadaf Md Halim, A. Singhal, Basel Abdeen, L. Khan, B. Thuraisingham","doi":"10.1145/3577923.3585051","DOIUrl":null,"url":null,"abstract":"The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.","PeriodicalId":387479,"journal":{"name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Design of an Ontology for ATT&CK and its Application to Cybersecurity\",\"authors\":\"Khandakar Ashrafi Akbar, Sadaf Md Halim, A. Singhal, Basel Abdeen, L. Khan, B. Thuraisingham\",\"doi\":\"10.1145/3577923.3585051\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.\",\"PeriodicalId\":387479,\"journal\":{\"name\":\"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-04-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3577923.3585051\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3577923.3585051","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

计算机网络和系统内攻击的蔓延可能对个人和组织造成严重后果。防止攻击传播的一种方法是使用本体论援助，即使用本体论提供关于攻击及其组件的知识的结构化表示，特别是那些经常伪装自己以在系统中长时间不被发现的组件。一旦发现这种攻击的一个特定阶段，就必须减少扩散的数量，以免造成永久性损害。为此，安全分析师必须从行为的角度归结为技术细节，以便采取适当的防御措施。我们提出了一个本体，它将帮助安全分析人员找出需要修补的漏洞列表，从而防止正在进行的攻击活动进一步传播。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

The Design of an Ontology for ATT&CK and its Application to Cybersecurity

The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy

自引率

0.00%

发文量