Visible to the public A Framework for Generation, Replay and Analysis of Real-World Attack VariantsConflict Detection Enabled

TitleA Framework for Generation, Replay and Analysis of Real-World Attack Variants
Publication TypeConference Paper
Year of Publication2016
AuthorsPhuong Cao, University of Illinois at Urbana-Champaign, Eric Badger, University of Illinois at Urbana-Champaign, Zbigniew Kalbarczyk, University of Illinois at Urbana-Champaign, Ravishankar Iyer, University of Illinois at Urbana-Champaign
Conference NameSymposium and Bootcamp for the Science of Security (HotSoS 2016)
Date Published04/2016
PublisherACM
Conference LocationPittsburgh, PA
Keywordscyber attack, Cyber Attacks, Data Driven Security Models and Analysis, NSA SoS Lablets Materials, science of security, threat model, UIUC
Abstract

This paper presents a framework for (1) generating variants of known attacks, (2) replaying attack variants in an isolated environment and, (3) validating detection capabilities of attack detection techniques against the variants. Our framework facilitates reproducible security experiments. We generated 648 variants of three real-world attacks (observed at the National Center for Supercomputing Applications at the University of Illinois). Our experiment showed the value of generating attack variants by quantifying the detection capabilities of three detection methods: a signature-based detection technique, an anomaly-based detection technique, and a probabilistic graphical model-based technique.

URLhttp://publish.illinois.edu/science-of-security-lablet/files/2014/05/A-Framework-for-Genteration-Rep...
Citation Keynode-29817

Other available formats:

A Framework for Generation Replay and Analysis of Real-World Attack Variants