Paper Abstract and Keywords |
Presentation |
2017-03-14 11:45
Representation for Attack Activity to Associate Threat Information Daiki Ito, Kenta Nomura (Kobe Univ.), Masaki Kamizono (PwC Cyber Services), Yoshiaki Shiraishi, Yasuhiro Takano (Kobe Univ.), Masami Mohri (Gifu Univ.), Yuji Hoshizawa (PwC Cyber Services), Masakatu Morii (Kobe Univ.) ICSS2016-64 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
As sophisticated and complicated cyber attacks become a social problem, Threat Intelligence, in which new knowledge obtained from diversified analysis of various information on cyber security is utilized for security measures, has attracted attention in recent years It is important to analyze the attack activity of adversary in Threat Intelligence. There is modeling of attack activity as a method for analyzing it. By using “Diamond Model” which is one of the modeling methods, a series of attack activity can be expressed as graph, which is called “activity thread”. In this paper, we assume that the characteristics and trends of attack activity appear in the structure of “activity thread” and propose a method to associate different attack activities with “activity thread.” We make a numerical experiment to check the effectiveness. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Diamond Model / Threat Intelligence / Graph structure / Data-Driven Fingerprints / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 116, no. 522, ICSS2016-64, pp. 147-152, March 2017. |
Paper # |
ICSS2016-64 |
Date of Issue |
2017-03-06 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2016-64 |
|