Combining Dynamic and Static Attack Information for Attack Tracing and Event Correlation

Adel Alshamrani, Ankur Chowdhary, Oussama Mjihil, Sowmya Myneni, Dijiang Huang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Many sophisticated attacks, e.g. Advanced Persistent Threats (APTs), have emerged with a variety of different attack forms. APT employs a wide range of sophisticated reconnaissance and information-gathering tools, as well as attack tools and methods. The diversity and stealthiness of APT make it a challenging threat to current networking systems. The attackers are very skilled and try to hide in a system undetected for a long period of time with the incentive to steal and collect invaluable Current commonly used solutions (firewalls, Intrusion Detection Systems, proxies, etc.) show the limited efficiency of detecting APT. Thus, in this paper, we design a solution that is based on multi-source data combination to learn the adversarial behavior of suspicious users as well as to optimally select a proper countermeasure.

Original languageEnglish (US)
Title of host publication2018 IEEE Global Communications Conference, GLOBECOM 2018 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781538647271
DOIs
StatePublished - Feb 20 2019
Event2018 IEEE Global Communications Conference, GLOBECOM 2018 - Abu Dhabi, United Arab Emirates
Duration: Dec 9 2018Dec 13 2018

Publication series

Name2018 IEEE Global Communications Conference, GLOBECOM 2018 - Proceedings

Conference

Conference2018 IEEE Global Communications Conference, GLOBECOM 2018
CountryUnited Arab Emirates
CityAbu Dhabi
Period12/9/1812/13/18

    Fingerprint

Keywords

  • Advanced Persistent Threats
  • Attack Graph
  • Intrusion Detection Systems

ASJC Scopus subject areas

  • Information Systems and Management
  • Renewable Energy, Sustainability and the Environment
  • Safety, Risk, Reliability and Quality
  • Signal Processing
  • Modeling and Simulation
  • Instrumentation
  • Computer Networks and Communications

Cite this

Alshamrani, A., Chowdhary, A., Mjihil, O., Myneni, S., & Huang, D. (2019). Combining Dynamic and Static Attack Information for Attack Tracing and Event Correlation. In 2018 IEEE Global Communications Conference, GLOBECOM 2018 - Proceedings [8647326] (2018 IEEE Global Communications Conference, GLOBECOM 2018 - Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/GLOCOM.2018.8647326