@inproceedings{e6987711d3bb45e5b06b2e2bb1585915,
title = "Janus: A two-sided analytical model for multi-stage coordinated attacks",
abstract = "The multi-stage coordinated attack (MSCA) bring many challenges to the security analysts due to their special temporal an spadal characteristics. This paper presents a two-sided model, Janus, to characterize and analyze the the behavior of attacker and defender in MSCA. Their behavior is firstly formulated as Multi-agent Partially Observable Markov Decision Process (MPO-MDP), an ANTS algorithm is then developed from the perspective of attacker to approximately search attack schemes with the minimum cost, and another backward searching algorithm APD-BS is designed from the defender's standpoint to seek the pivots of attack schemes in order to effectively countermine them by removing those key observations associated with the system state estimates. Two case studies are conducted to show the application of our models and algorithms to practical scenarios, some preliminary analysis are also given to validate their performance and advantages.",
author = "Zonghua Zhang and Ho, {Pin Han} and Xiaodong Lin and Hong Shen",
year = "2006",
doi = "10.1007/11927587_13",
language = "English",
isbn = "3540491120",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "136--154",
booktitle = "Information Security and Cryptology - ICISC 2006",
address = "Germany",
note = "ICISC 2006: 9th International Conference on Information Security and Cryptology ; Conference date: 30-11-2006 Through 01-12-2006",
}