{"title":"On Coverage-Based Attack Profiles","authors":"A. Rivers, M. Vouk, L. Williams","doi":"10.1109/SERE-C.2014.15","DOIUrl":null,"url":null,"abstract":"Automated cyber attacks tend to be schedule and resource limited. The primary progress metric is often \"coverage\" of pre-determined \"known\" vulnerabilities that may not have been patched, along with possible zero-day exploits (if such exist). We present and discuss a hypergeometric process model that describes such attack patterns. We used web request signatures from the logs of a production web server to assess the applicability of the model.","PeriodicalId":373062,"journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"121 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE-C.2014.15","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Automated cyber attacks tend to be schedule and resource limited. The primary progress metric is often "coverage" of pre-determined "known" vulnerabilities that may not have been patched, along with possible zero-day exploits (if such exist). We present and discuss a hypergeometric process model that describes such attack patterns. We used web request signatures from the logs of a production web server to assess the applicability of the model.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
