Visible to the public Automated Generation of Attack Signatures in Attack GraphsConflict Detection Enabled

TitleAutomated Generation of Attack Signatures in Attack Graphs
Publication TypePresentation
Year of Publication2016
AuthorsPhuong Cao, University of Illinois at Urbana-Champaign
KeywordsData Driven Security Models and Analysis, factor graphs, NSA SoS Lablets Materials, science of security, UIUC
Abstract

In this talk, we investigate applications of Factor Graphs to automatically generate attack signatures from security logs and domain expert knowledge. We demonstrate advantages of Factor Graphs over traditional probabilistic graphical models such as Bayesian Networks and Markov Random Fields in modeling security attacks. We illustrate Factor Graphs models using case studies of real attacks observed in the wild and at the National Center for Supercomputing Applications. Finally, we investigate how factor functions, a core component of Factor Graphs, can be constructed automatically to potentially improve detection accuracy and allow generalization of trained Factor Graph models in a variety of systems.

Notes

Presentation for Information Trust Institute Joint Trust and Security/Science of Security Seminar at the University of Illinois at Urbana-Champaign on November 1, 2016.

URLhttps://recordings.engineering.illinois.edu:8443/ess/echo/presentation/d5d8b0aa-1ee0-4608-8c50-6d44a...
Citation Keynode-31619

Other available formats:

11012016 Cao