at&ck本体的设计及其在网络安全中的应用

Khandakar Ashrafi Akbar, Sadaf Md Halim, A. Singhal, Basel Abdeen, L. Khan, B. Thuraisingham
{"title":"at&ck本体的设计及其在网络安全中的应用","authors":"Khandakar Ashrafi Akbar, Sadaf Md Halim, A. Singhal, Basel Abdeen, L. Khan, B. Thuraisingham","doi":"10.1145/3577923.3585051","DOIUrl":null,"url":null,"abstract":"The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.","PeriodicalId":387479,"journal":{"name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Design of an Ontology for ATT&CK and its Application to Cybersecurity\",\"authors\":\"Khandakar Ashrafi Akbar, Sadaf Md Halim, A. Singhal, Basel Abdeen, L. Khan, B. Thuraisingham\",\"doi\":\"10.1145/3577923.3585051\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.\",\"PeriodicalId\":387479,\"journal\":{\"name\":\"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-04-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3577923.3585051\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3577923.3585051","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

计算机网络和系统内攻击的蔓延可能对个人和组织造成严重后果。防止攻击传播的一种方法是使用本体论援助,即使用本体论提供关于攻击及其组件的知识的结构化表示,特别是那些经常伪装自己以在系统中长时间不被发现的组件。一旦发现这种攻击的一个特定阶段,就必须减少扩散的数量,以免造成永久性损害。为此,安全分析师必须从行为的角度归结为技术细节,以便采取适当的防御措施。我们提出了一个本体,它将帮助安全分析人员找出需要修补的漏洞列表,从而防止正在进行的攻击活动进一步传播。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
The Design of an Ontology for ATT&CK and its Application to Cybersecurity
The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信