
Attack Forecast and Prediction

Kaiser, Florian; Budig, Tobias; Goebel, Elisabeth; Fischer, Tessa; Muff, Jurek; Wiens, Marcus; Schultmann, Frank

Abstract:

Cyber-security has emerged as one of the most pressing issues for society, with actors trying to use offensive capabilities and those who try to leverage defensive capabilities to secure their assets or knowledge. However, in cyber-space attackers oftentimes have a significant first-mover advantage, leading to a dynamic cat-and-mouse game with defenders. Cyber Threat Intelligence (CTI) on past attacks holds potential that can be used by means of predictive analytics to minimize the attackers' first-mover advantage. Yet, attack prediction is not an established means and automation levels are low. Within this work, we present Attack Forecast and Prediction (AFP), which is based on MITRE Adversarial Tactics, Techniques and Common Knowledge (ATT&CK). AFP consists of three modules representing different analytical procedures, which are clustering, time series analysis, and genetic algorithms. AFP identifies trends in the usage of attack techniques and crafts forecasts and predictions on future malware and the attack techniques used. We rely on time sorting to generate subgraphs of MITRE ATT&CK and evaluate the accuracy of predictions generated by AFP based on these. ...


Publisher's version
DOI: 10.5445/IR/1000142504
Published on: 27.01.2022
Scopus citations: 1
Affiliated institution(s) at KIT: Institut für Industriebetriebslehre und Industrielle Produktion (IIP)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publication type: Proceedings paper
Publication year: 2021
Language: English
Identifier: ISSN: 1613-0073
KITopen-ID: 1000142504
Published in: C&ESAR 2021: Automation in Cybersecurity ; Proceedings of the 28th Computer & Electronics Security Application Rendezvous co-located with the 6th European Cyber Week (ECW 2021) ; Rennes, France, November 16-17, 2021. Ed.: G. Le Guernic
Event: Automation in Cybersecurity (C&ESAR 2021), Rennes, France, 16.11.2021 – 17.11.2021
Publisher: CEUR-WS.org
Pages: 77-97
Series: CEUR Workshop Proceedings ; 3056
Keywords: Attack Prediction, Cyber Threat Intelligence, Genetic Algorithms
Indexed in: Scopus