| Presentation | 2017-03-14 Representation for Attack Activity to Associate Threat Information Daiki Ito, Kenta Nomura, Masaki Kamizono, Yoshiaki Shiraishi, Yasuhiro Takano, Masami Mohri, Yuji Hoshizawa, Masakatu Morii, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | As sophisticated and complicated cyber attacks become a social problem, Threat Intelligence, in which new knowledge obtained from diversified analysis of various information on cyber security is utilized for security measures, has attracted attention in recent years It is important to analyze the attack activity of adversary in Threat Intelligence. There is modeling of attack activity as a method for analyzing it. By using “Diamond Model” which is one of the modeling methods, a series of attack activity can be expressed as graph, which is called “activity thread”. In this paper, we assume that the characteristics and trends of attack activity appear in the structure of “activity thread” and propose a method to associate different attack activities with “activity thread.” We make a numerical experiment to check the effectiveness. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Diamond Model / Threat Intelligence / Graph structure / Data-Driven Fingerprints |
| Paper # | ICSS2016-64 |
| Date of Issue | 2017-03-06 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2017/3/13(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | University of Nagasaki |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | System Security, etc. |
| Chair | Yutaka Miyake(KDDI R&D Labs.) |
| Vice Chair | Yoshiaki Shiraishi(Kobe Univ.) / Takeshi Ueda(Mitsubishi Electric) |
| Secretary | Yoshiaki Shiraishi(NII) / Takeshi Ueda(Yokohama National Univ.) |
| Assistant | Kazunori Kamiya(NTT) / Takahiro Kasama(NICT) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Representation for Attack Activity to Associate Threat Information |
| Sub Title (in English) | |
| Keyword(1) | Diamond Model |
| Keyword(2) | Threat Intelligence |
| Keyword(3) | Graph structure |
| Keyword(4) | Data-Driven Fingerprints |
| 1st Author's Name | Daiki Ito |
| 1st Author's Affiliation | Kobe University(Kobe Univ.) |
| 2nd Author's Name | Kenta Nomura |
| 2nd Author's Affiliation | Kobe University(Kobe Univ.) |
| 3rd Author's Name | Masaki Kamizono |
| 3rd Author's Affiliation | PwC Cyber Services(PwC Cyber Services) |
| 4th Author's Name | Yoshiaki Shiraishi |
| 4th Author's Affiliation | Kobe University(Kobe Univ.) |
| 5th Author's Name | Yasuhiro Takano |
| 5th Author's Affiliation | Kobe University(Kobe Univ.) |
| 6th Author's Name | Masami Mohri |
| 6th Author's Affiliation | Gifu University(Gifu Univ.) |
| 7th Author's Name | Yuji Hoshizawa |
| 7th Author's Affiliation | PwC Cyber Services(PwC Cyber Services) |
| 8th Author's Name | Masakatu Morii |
| 8th Author's Affiliation | Kobe University(Kobe Univ.) |
| Date | 2017-03-14 |
| Paper # | ICSS2016-64 |
| Volume (vol) | vol.116 |
| Number (no) | ICSS-522 |
| Page | pp.pp.147-152(ICSS), |
| #Pages | 6 |
| Date of Issue | 2017-03-06 (ICSS) |