| Paper Abstract and Keywords |
| Presentation |
2017-03-13 13:25
Modeling of Attack Activity for Integrated Analysis of Threat Information Kenta Nomura, Daiki Ito (Kobe Univ.), Masaki Kamizono (PwC Cyber Services), Yoshiaki Shiraishi, Yasuhiro Takano (Kobe Univ.), Masami Mohri (Gifu Univ.), Yuji Hoshizawa (PwC Cyber Services), Masakatu Morii (Kobe Univ.) ICSS2016-47 |
| Abstract |
(in Japanese) |
(See Japanese page) |
| (in English) |
Cyber attacks targeting specific victims use multiple intrusion routes and various attack methods. In order to combat such diversified cyber attacks, Threat Intelligence which is gathered attack activities, vulnerability information, and so on and is analyzed and organized them to let us utilize are attracted attention. Integrated analysis of the threat information is needed to compose the Threat Intelligence. The threat information can be found in incident reports published by security vendors. However, it is difficult to compare these reports because they are described in various formats defined by vendors. Therefore, in this paper, we apply a modeling framework for the reports and consider deriving the relevance of the reports from similarity and relation between the models. This paper presents the procedures of modeling from the reports. Moreover, as case studies, some examples of comparisons obtained by applying the modeling method for actual incident reports are shown. |
| Keyword |
(in Japanese) |
(See Japanese page) |
| (in English) |
Diamond Model / Threat Intelligence / Cyber Kill Chain / Incident Report / / / / |
| Reference Info. |
IEICE Tech. Rep., vol. 116, no. 522, ICSS2016-47, pp. 7-12, March 2017. |
| Paper # |
ICSS2016-47 |
| Date of Issue |
2017-03-06 (ICSS) |
| ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
| Download PDF |
ICSS2016-47 |
| Conference Information |
| Committee |
ICSS IPSJ-SPT |
| Conference Date |
2017-03-13 - 2017-03-14 |
| Place (in Japanese) |
(See Japanese page) |
| Place (in English) |
University of Nagasaki |
| Topics (in Japanese) |
(See Japanese page) |
| Topics (in English) |
System Security, etc. |
| Paper Information |
| Registration To |
ICSS |
| Conference Code |
2017-03-ICSS-SPT |
| Language |
Japanese |
| Title (in Japanese) |
(See Japanese page) |
| Sub Title (in Japanese) |
(See Japanese page) |
| Title (in English) |
Modeling of Attack Activity for Integrated Analysis of Threat Information |
| Sub Title (in English) |
|
| Keyword(1) |
Diamond Model |
| Keyword(2) |
Threat Intelligence |
| Keyword(3) |
Cyber Kill Chain |
| Keyword(4) |
Incident Report |
| Keyword(5) |
|
| Keyword(6) |
|
| Keyword(7) |
|
| Keyword(8) |
|
| 1st Author's Name |
Kenta Nomura |
| 1st Author's Affiliation |
Kobe University (Kobe Univ.) |
| 2nd Author's Name |
Daiki Ito |
| 2nd Author's Affiliation |
Kobe University (Kobe Univ.) |
| 3rd Author's Name |
Masaki Kamizono |
| 3rd Author's Affiliation |
PwC Cyber Services (PwC Cyber Services) |
| 4th Author's Name |
Yoshiaki Shiraishi |
| 4th Author's Affiliation |
Kobe University (Kobe Univ.) |
| 5th Author's Name |
Yasuhiro Takano |
| 5th Author's Affiliation |
Kobe University (Kobe Univ.) |
| 6th Author's Name |
Masami Mohri |
| 6th Author's Affiliation |
Gifu University (Gifu Univ.) |
| 7th Author's Name |
Yuji Hoshizawa |
| 7th Author's Affiliation |
PwC Cyber Services (PwC Cyber Services) |
| 8th Author's Name |
Masakatu Morii |
| 8th Author's Affiliation |
Kobe University (Kobe Univ.) |
| 9th Author's Name |
|
| 9th Author's Affiliation |
() |
| 10th Author's Name |
|
| 10th Author's Affiliation |
() |
| 11th Author's Name |
|
| 11th Author's Affiliation |
() |
| 12th Author's Name |
|
| 12th Author's Affiliation |
() |
| 13th Author's Name |
|
| 13th Author's Affiliation |
() |
| 14th Author's Name |
|
| 14th Author's Affiliation |
() |
| 15th Author's Name |
|
| 15th Author's Affiliation |
() |
| 16th Author's Name |
|
| 16th Author's Affiliation |
() |
| 17th Author's Name |
|
| 17th Author's Affiliation |
() |
| 18th Author's Name |
|
| 18th Author's Affiliation |
() |
| 19th Author's Name |
|
| 19th Author's Affiliation |
() |
| 20th Author's Name |
|
| 20th Author's Affiliation |
() |
| 21st Author's Name |
|
| 21st Author's Affiliation |
() |
| 22nd Author's Name |
|
| 22nd Author's Affiliation |
() |
| 23rd Author's Name |
|
| 23rd Author's Affiliation |
() |
| 24th Author's Name |
|
| 24th Author's Affiliation |
() |
| 25th Author's Name |
|
| 25th Author's Affiliation |
() |
| 26th Author's Name |
/ / |
| 26th Author's Affiliation |
()
() |
| 27th Author's Name |
/ / |
| 27th Author's Affiliation |
()
() |
| 28th Author's Name |
/ / |
| 28th Author's Affiliation |
()
() |
| 29th Author's Name |
/ / |
| 29th Author's Affiliation |
()
() |
| 30th Author's Name |
/ / |
| 30th Author's Affiliation |
()
() |
| 31st Author's Name |
/ / |
| 31st Author's Affiliation |
()
() |
| 32nd Author's Name |
/ / |
| 32nd Author's Affiliation |
()
() |
| 33rd Author's Name |
/ / |
| 33rd Author's Affiliation |
()
() |
| 34th Author's Name |
/ / |
| 34th Author's Affiliation |
()
() |
| 35th Author's Name |
/ / |
| 35th Author's Affiliation |
()
() |
| 36th Author's Name |
/ / |
| 36th Author's Affiliation |
()
() |
| Speaker |
Author-1 |
| Date Time |
2017-03-13 13:25:00 |
| Presentation Time |
25 minutes |
| Registration for |
ICSS |
| Paper # |
ICSS2016-47 |
| Volume (vol) |
vol.116 |
| Number (no) |
no.522 |
| Page |
pp.7-12 |
| #Pages |
6 |
| Date of Issue |
2017-03-06 (ICSS) |