Janus: A two-sided analytical model for multi-stage coordinated attacks

Zonghua Zhang, Pin Han Ho, Xiaodong Lin, Hong Shen

研究成果: Conference contribution同行評審

7 引文 斯高帕斯(Scopus)

摘要

The multi-stage coordinated attack (MSCA) bring many challenges to the security analysts due to their special temporal an spadal characteristics. This paper presents a two-sided model, Janus, to characterize and analyze the the behavior of attacker and defender in MSCA. Their behavior is firstly formulated as Multi-agent Partially Observable Markov Decision Process (MPO-MDP), an ANTS algorithm is then developed from the perspective of attacker to approximately search attack schemes with the minimum cost, and another backward searching algorithm APD-BS is designed from the defender's standpoint to seek the pivots of attack schemes in order to effectively countermine them by removing those key observations associated with the system state estimates. Two case studies are conducted to show the application of our models and algorithms to practical scenarios, some preliminary analysis are also given to validate their performance and advantages.

原文English
主出版物標題Information Security and Cryptology - ICISC 2006
主出版物子標題9th International Conference, Proceedings
發行者Springer Verlag
頁面136-154
頁數19
ISBN(列印)3540491120, 9783540491125
DOIs
出版狀態Published - 2006
對外發佈
事件ICISC 2006: 9th International Conference on Information Security and Cryptology - Busan, Korea, Republic of
持續時間: 30 11月 20061 12月 2006

出版系列

名字Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
4296 LNCS
ISSN(列印)0302-9743
ISSN(電子)1611-3349

Conference

ConferenceICISC 2006: 9th International Conference on Information Security and Cryptology
國家/地區Korea, Republic of
城市Busan
期間30/11/061/12/06

指紋

深入研究「Janus: A two-sided analytical model for multi-stage coordinated attacks」主題。共同形成了獨特的指紋。

引用此