Modeling and Reconstruction of Multi-stage Attacks

Sergey Rubinshtein, Rami Puzis

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

3 Scopus citations

Abstract

This paper presents a lightweight modeling technique that is suitable for attack description and reconstruction. It allows reconstruction of the steps taken by the attacker during each stage, using a predefined attack ontology and the traces left by the attacker. The simplicity and comprehensiveness of the proposed models make them readable and appropriate for inclusion in incident reports and investigations. At the same time, given a predefined ontology, the proposed modeling technique can be used to enhance the reconstruction of attacks from forensic data.

Original language: English
Title of host publication: Proceedings - 2016 IEEE International Conference on Software Science, Technology and Engineering, SwSTE 2016
Publisher: Institute of Electrical and Electronics Engineers
Pages: 135-137
Number of pages: 3
ISBN (Electronic): 9781509010189
State: Published - 18 Jul 2016
Event: 2016 IEEE International Conference on Software Science, Technology and Engineering, SwSTE 2016 - Beer Sheva, Israel
Duration: 23 Jun 2016 to 24 Jun 2016

Publication series

Name: Proceedings - 2016 IEEE International Conference on Software Science, Technology and Engineering, SwSTE 2016

Conference

Conference: 2016 IEEE International Conference on Software Science, Technology and Engineering, SwSTE 2016
Country/Territory: Israel
City: Beer Sheva
Period: 23/06/16 to 24/06/16

Keywords

  • APT
  • attack model
  • forensic analysis
  • ontology

ASJC Scopus subject areas

  • Modeling and Simulation
  • Software
