Estimating Application Cyberthreat Impact Score for Honeypot Coverage Prioritization

2022 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom) Pub Date : 2022-07-12 DOI:10.1109/CoBCom55489.2022.9880757

Matej Kren, A. Kos, Urban Sedlar

{"title":"Estimating Application Cyberthreat Impact Score for Honeypot Coverage Prioritization","authors":"Matej Kren, A. Kos, Urban Sedlar","doi":"10.1109/CoBCom55489.2022.9880757","DOIUrl":null,"url":null,"abstract":"Honeypots are one of the important mechanisms in cybersecurity; they represent resources that appear interesting to attackers - either computing resources or data - but are deployed with the sole purpose of studying the techniques and tools of the attackers themselves. As such they are an invaluable resource for detecting the attacks, tools, and for protecting the systems, and many novel domains of application exist. In this paper we present a metric for evaluating the attractiveness of new types of honeypots, that aims to strike a balance between attractiveness of the honeypot for attackers and the real-world popularity of the mimicked system, which is reflected in the usefulness of the collected data. The score is based on the vulnerability density, breach cost, effectiveness of countermeasures, the compliance index, and the size of the real-world install base of the application. A practical calculation is presented based on the proposed formula.","PeriodicalId":131597,"journal":{"name":"2022 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CoBCom55489.2022.9880757","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Honeypots are one of the important mechanisms in cybersecurity; they represent resources that appear interesting to attackers - either computing resources or data - but are deployed with the sole purpose of studying the techniques and tools of the attackers themselves. As such they are an invaluable resource for detecting the attacks, tools, and for protecting the systems, and many novel domains of application exist. In this paper we present a metric for evaluating the attractiveness of new types of honeypots, that aims to strike a balance between attractiveness of the honeypot for attackers and the real-world popularity of the mimicked system, which is reflected in the usefulness of the collected data. The score is based on the vulnerability density, breach cost, effectiveness of countermeasures, the compliance index, and the size of the real-world install base of the application. A practical calculation is presented based on the proposed formula.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

蜜罐覆盖优先级的应用网络威胁影响评分估计

蜜罐是网络安全的重要机制之一;它们代表攻击者感兴趣的资源——计算资源或数据——但部署的唯一目的是研究攻击者自己的技术和工具。因此，它们是检测攻击、工具和保护系统的宝贵资源，并且存在许多新的应用程序领域。在本文中，我们提出了一个评估新型蜜罐吸引力的指标，其目的是在蜜罐对攻击者的吸引力和模拟系统在现实世界中的受欢迎程度之间取得平衡，这反映在收集数据的有用性上。该分数基于漏洞密度、泄露成本、对策有效性、遵从性指数以及应用程序实际安装基础的大小。根据所提出的公式进行了实际计算。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2022 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom)

自引率

0.00%

发文量