loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Masahito Kumazaki 1 ; Hirokazu Hasegawa 2 ; Yukiko Yamaguchi 3 ; Hajime Shimada 3 and Hiroki Takakura 4

Affiliations: 1 Graduate School of Informatics, Nagoya University, Nagoya, Japan ; 2 Information Security Office, Nagoya University, Nagoya, Japan ; 3 Information Technology Center, Nagoya University, Nagoya, Japan ; 4 Center for Cybersecurity Research and Development, National Institute of Informatics, Tokyo, Japan

Keyword(s): Targeted Cyber Attack, Cyber Attack Scenario, Attack Stage.

Abstract: In the current organizational network consisting of multiple branch sites, there is a difference in security between sites, making it difficult to protect against targeted attacks. Therefore, it is important to detect and respond to attacks early, but it is also difficult to achieve this with the current network management. In order to solve this problem, we previously proposed a response support system for multiple sites. This system has two functions. First, it provides recommendations for an incident response by using information of incidents similar to the one. Second function estimates correlations among incidents and targets of cyber attack. To enable recommendations, we also proposed a method for evaluating the similarity of incidents and conducted experiments to investigate its effectiveness. We were able to correctly estimate the similarity of attacks when their attack stages were the same, but not when they were different. The result indicates the necessity to conduct simil arity estimation for the same stage of attacks even if their current stages differ. By investigating stage transitions of attacks, we have to make alignment among their stages. In this paper, we propose a method to expect the attack methods and a system to generate information divided by attack stages. We also confirmed the effectiveness of proposed method by conducting experiments using a simulated cyber attack. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.119.163.95

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Kumazaki, M.; Hasegawa, H.; Yamaguchi, Y.; Shimada, H. and Takakura, H. (2022). Cyber Attack Stage Tracing System based on Attack Scenario Comparison. In Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-553-1; ISSN 2184-4356, SciTePress, pages 587-594. DOI: 10.5220/0010918200003120

@conference{icissp22,
author={Masahito Kumazaki. and Hirokazu Hasegawa. and Yukiko Yamaguchi. and Hajime Shimada. and Hiroki Takakura.},
title={Cyber Attack Stage Tracing System based on Attack Scenario Comparison},
booktitle={Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP},
year={2022},
pages={587-594},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010918200003120},
isbn={978-989-758-553-1},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP
TI - Cyber Attack Stage Tracing System based on Attack Scenario Comparison
SN - 978-989-758-553-1
IS - 2184-4356
AU - Kumazaki, M.
AU - Hasegawa, H.
AU - Yamaguchi, Y.
AU - Shimada, H.
AU - Takakura, H.
PY - 2022
SP - 587
EP - 594
DO - 10.5220/0010918200003120
PB - SciTePress