针对多阶段攻击的攻击者技能水平评估

2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI) Pub Date : 2019-06-01 DOI:10.1109/ECAI46879.2019.9042153

Terézia Mézesová, Pavol Sokol, Tomáš Bajtoš

{"title":"针对多阶段攻击的攻击者技能水平评估","authors":"Terézia Mézesová, Pavol Sokol, Tomáš Bajtoš","doi":"10.1109/ECAI46879.2019.9042153","DOIUrl":null,"url":null,"abstract":"Information security risks caused by difficult to exploit vulnerabilities are often treated with countermeasures as last due to their low likelihood of occurrence and should be given a high priority in security monitoring. In this paper, we propose an evaluation of detected attacks in terms of their difficulty - by assigning them an attacker's skill level. We draw similarities between vulnerability's exploitability score and aim to evaluate intrusion detection system alerts within the same framework. We also present the methodology on attacks from a dataset intended for evaluation of intrusion detection systems.","PeriodicalId":285780,"journal":{"name":"2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)","volume":"74 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Evaluation of Attacker Skill Level for Multi-stage Attacks\",\"authors\":\"Terézia Mézesová, Pavol Sokol, Tomáš Bajtoš\",\"doi\":\"10.1109/ECAI46879.2019.9042153\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information security risks caused by difficult to exploit vulnerabilities are often treated with countermeasures as last due to their low likelihood of occurrence and should be given a high priority in security monitoring. In this paper, we propose an evaluation of detected attacks in terms of their difficulty - by assigning them an attacker's skill level. We draw similarities between vulnerability's exploitability score and aim to evaluate intrusion detection system alerts within the same framework. We also present the methodology on attacks from a dataset intended for evaluation of intrusion detection systems.\",\"PeriodicalId\":285780,\"journal\":{\"name\":\"2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)\",\"volume\":\"74 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ECAI46879.2019.9042153\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ECAI46879.2019.9042153","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

难以利用的漏洞所带来的信息安全风险由于其发生的可能性较低，往往被放在最后处理，在安全监控中应给予高度重视。在本文中，我们提出了一种评估检测到的攻击的难度-通过分配攻击者的技能水平。我们得出了漏洞可利用性评分之间的相似性，目的是在同一框架内评估入侵检测系统警报。我们还介绍了用于评估入侵检测系统的数据集的攻击方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Evaluation of Attacker Skill Level for Multi-stage Attacks

Information security risks caused by difficult to exploit vulnerabilities are often treated with countermeasures as last due to their low likelihood of occurrence and should be given a high priority in security monitoring. In this paper, we propose an evaluation of detected attacks in terms of their difficulty - by assigning them an attacker's skill level. We draw similarities between vulnerability's exploitability score and aim to evaluate intrusion detection system alerts within the same framework. We also present the methodology on attacks from a dataset intended for evaluation of intrusion detection systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)

自引率

0.00%

发文量