Paper Abstract and Keywords |
Presentation |
2017-03-13 13:25
Modeling of Attack Activity for Integrated Analysis of Threat Information Kenta Nomura, Daiki Ito (Kobe Univ.), Masaki Kamizono (PwC Cyber Services), Yoshiaki Shiraishi, Yasuhiro Takano (Kobe Univ.), Masami Mohri (Gifu Univ.), Yuji Hoshizawa (PwC Cyber Services), Masakatu Morii (Kobe Univ.) ICSS2016-47 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
Cyber attacks targeting specific victims use multiple intrusion routes and various attack methods. In order to combat such diversified cyber attacks, Threat Intelligence which is gathered attack activities, vulnerability information, and so on and is analyzed and organized them to let us utilize are attracted attention. Integrated analysis of the threat information is needed to compose the Threat Intelligence. The threat information can be found in incident reports published by security vendors. However, it is difficult to compare these reports because they are described in various formats defined by vendors. Therefore, in this paper, we apply a modeling framework for the reports and consider deriving the relevance of the reports from similarity and relation between the models. This paper presents the procedures of modeling from the reports. Moreover, as case studies, some examples of comparisons obtained by applying the modeling method for actual incident reports are shown. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Diamond Model / Threat Intelligence / Cyber Kill Chain / Incident Report / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 116, no. 522, ICSS2016-47, pp. 7-12, March 2017. |
Paper # |
ICSS2016-47 |
Date of Issue |
2017-03-06 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2016-47 |
|