Open AccessDetecting new generations of threats using attribute‐based attack graphs
Author(s) -
Nia Mehran Alidoost,
Bahrak Behnam,
Kargahi Mehdi,
Fabian Benjamin
Publication year - 2019
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2018.5409
Subject(s) - computer science , attack model , computer security , attack patterns , matching (statistics) , theoretical computer science , graph , set (abstract data type) , mathematics , intrusion detection system , statistics , programming language
In recent years, the increase in cyber threats has raised many concerns about security and privacy in the digital world. However, new attack methods are often limited to a few core techniques. Here, in order to detect new threat patterns, the authors use an attack graph structure to model unprecedented network traffic. This graph for the unknown attack is matched to a pre‐known threat database, which contains attack graphs related to each known threat. The main challenge is to associate unknown traffics to a family of known threats. For this, the authors utilise random walks and pattern theorem. The authors utilise the pattern theorem and apply it to a set of proposed algorithms for detecting new generations of malicious traffics. Under the assumption of having a proper threat database, the authors argue that for each unknown threat, which belongs to a family of threats, it is possible to find at least one matching pattern with high matching rate and sensitivity.