M. S. Awan, Mohammed A. Alghamdi, Sultan H. Almotiri, P. Burnap, O. Rana
{"title":"基于发生模式的不同网络攻击分类框架","authors":"M. S. Awan, Mohammed A. Alghamdi, Sultan H. Almotiri, P. Burnap, O. Rana","doi":"10.1145/2799979.2800037","DOIUrl":null,"url":null,"abstract":"An increasingly mature, stealthy and dynamic techniques and attack vectors used by cyber criminals have made the critical network infrastructure more vulnerable to security breaches. Following 'Bring Your Own Device (BYOD)' policies and remote-work style of accessing network infra structure leaves the whole network vulnerable to new unknown malware, botnets, advanced persistent threats, coordinated attack patterns, etc., in addition to existing vulnerabilities inherent in software applications. Such an environment demands a network administrator to understand the nature and patterns of cyber-attacks targeting the network infra structure so that appropriate measures could be introduced. In this paper we propose a framework to classify cyber-attacks based on their pattern of occurrence. We validate the classification approach using real malicious traffic logs by focusing on: i) temporal behaviour of cyber-attacks; ii) correlation between cyber-attacks; and iii) targeted software applications.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A classification framework for distinct cyber-attacks based on occurrence patterns\",\"authors\":\"M. S. Awan, Mohammed A. Alghamdi, Sultan H. Almotiri, P. Burnap, O. Rana\",\"doi\":\"10.1145/2799979.2800037\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An increasingly mature, stealthy and dynamic techniques and attack vectors used by cyber criminals have made the critical network infrastructure more vulnerable to security breaches. Following 'Bring Your Own Device (BYOD)' policies and remote-work style of accessing network infra structure leaves the whole network vulnerable to new unknown malware, botnets, advanced persistent threats, coordinated attack patterns, etc., in addition to existing vulnerabilities inherent in software applications. Such an environment demands a network administrator to understand the nature and patterns of cyber-attacks targeting the network infra structure so that appropriate measures could be introduced. In this paper we propose a framework to classify cyber-attacks based on their pattern of occurrence. We validate the classification approach using real malicious traffic logs by focusing on: i) temporal behaviour of cyber-attacks; ii) correlation between cyber-attacks; and iii) targeted software applications.\",\"PeriodicalId\":293190,\"journal\":{\"name\":\"Proceedings of the 8th International Conference on Security of Information and Networks\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 8th International Conference on Security of Information and Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2799979.2800037\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 8th International Conference on Security of Information and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2799979.2800037","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A classification framework for distinct cyber-attacks based on occurrence patterns
An increasingly mature, stealthy and dynamic techniques and attack vectors used by cyber criminals have made the critical network infrastructure more vulnerable to security breaches. Following 'Bring Your Own Device (BYOD)' policies and remote-work style of accessing network infra structure leaves the whole network vulnerable to new unknown malware, botnets, advanced persistent threats, coordinated attack patterns, etc., in addition to existing vulnerabilities inherent in software applications. Such an environment demands a network administrator to understand the nature and patterns of cyber-attacks targeting the network infra structure so that appropriate measures could be introduced. In this paper we propose a framework to classify cyber-attacks based on their pattern of occurrence. We validate the classification approach using real malicious traffic logs by focusing on: i) temporal behaviour of cyber-attacks; ii) correlation between cyber-attacks; and iii) targeted software applications.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
