Multimodal Graph Analysis of Cyber Attacks

机译：网络攻击的多峰图分析

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

The limited information on the cyberattacks available in the unclassified regime, hardens standardizing the analysis. We address the problem of modeling and analyzing cyberattacks using a multimodal graph approach. We formulate the stages, actors, and outcomes of cyberattacks as a multimodal graph. Multimodal graph nodes include cyberattack victims, adversaries, autonomous systems, and the observed cyber events. In multimodal graphs, single-modality graphs are interconnected according to their interaction. We apply community and centrality analysis on the graph to obtain in-depth insights into the attack. In community analysis, we cluster those nodes that exhibit “strong” inter-modal ties. We further use centrality to rank the nodes according to their importance. Classifying nodes according to centrality provides the progression of the attack from the attacker to the targeted nodes. We apply our methods to two popular case studies, namely GhostNet and Putter Panda and demonstrate a clear distinction in the attack stages.

机译：在未分类状态下，有关网络攻击的信息有限，这使得分析标准化变得更加困难。我们解决了使用多峰图方法对网络攻击进行建模和分析的问题。我们将网络攻击的阶段，参与者和结果表述为多模式图。多峰图节点包括网络攻击的受害者，对手，自治系统和观察到的网络事件。在多峰图中，单峰图根据它们的相互作用而相互连接。我们在图表上应用社区和中心性分析，以获得对攻击的深入了解。在社区分析中，我们将那些表现出“强大”联运关系的节点聚在一起。我们进一步使用中心性来根据节点的重要性对节点进行排名。根据中心性对节点进行分类可提供从攻击者到目标节点的攻击过程。我们将我们的方法应用于两个流行的案例研究，即GhostNet和Putter Panda，并证明了在攻击阶段的明显区别。

著录项

来源
《2019 Spring Simulation Conference》|2019年|1-12|共12页
会议地点 Tucson(US)
作者
Nirnimesh Ghose; Loukas Lazos; Jerzy Rozenblit; Ronald Breiger;
展开▼
作者单位

Department of Electrical and Computer Engineering, University of Arizona, Tucson, AZ;

Department of Electrical and Computer Engineering, University of Arizona, Tucson, AZ;

Department of Electrical and Computer Engineering, University of Arizona, Tucson, AZ;

School of Sociology, University of Arizona, Tucson, AZ;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Cyberattack; Autonomous systems; IP networks; Malware; Analytical models; Computational modeling;

机译：网络攻击;自治系统; IP网络;恶意软件;分析模型;计算模型;;

相似文献

外文文献
中文文献
专利

1. From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks [J] . Polatidis Nikolaos, Pimenidis Elias, Pavlidis Michalis, Evolving Systems . 2020,第3期

机译：从产品推荐到网络攻击预测：生成攻击图并预测未来的攻击
2. Interdicting attack graphs to protect organizations from cyber attacks: A bi-level defender-attacker model [J] . Nandi Apurba K., Medal Hugh R., Vadlamani Satish Computers & operations research . 2016,第nova期

机译：拦截攻击图以保护组织免受网络攻击：双层防御者-攻击者模型
3. Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic [J] . Harjinder Singh Lallie, Lynsay A. Shepherd, Jason R.C.Nurse, Computers & Security . 2021,第Juna期

机译：Covid of Covid-19：19：大流行期间的网络犯罪和网络攻击时间表和分析
4. Multimodal Graph Analysis of Cyber Attacks [C] . Nirnimesh Ghose, Loukas Lazos, Jerzy Rozenblit, Spring Simulation Conference . 2019

机译：网络攻击的多峰图分析
5. Cyber-attacks on police departments: Analysis of cyber attack vulnerabilities on police digital infrastructures. [D] . Coop, John. 2016

机译：警察部门的网络攻击：分析警察数字基础设施上的网络攻击漏洞。
6. A Self-Diagnosis Method for Detecting UAV Cyber Attacks Based on Analysis of Parameter Changes [O] . Elena Basan, Alexandr Basan, Alexey Nekrasov, 2021

机译：基于参数变化分析检测UAV网络攻击的自诊断方法
7. Multimodal Graph Analysis of Cyber Attacks [O] . Nirnimesh Ghose, Loukas Lazos, Jerzy Rozenblit, 2019

机译：网络攻击的多峰图分析

Multimodal Graph Analysis of Cyber Attacks

摘要

著录项

相似文献

相关主题

期刊订阅