An ACO Based Approach for Detection of an Optimal Attack Path in a Dynamic Environment

Ghosh, Nirnay; Nanda, Saurav; Ghosh, Sumana

doi:10.1007/978-3-642-11322-2_48

Cited by 4 publications

(4 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A methodology for creating dynamic environments whose vulnerability severity may vary over time has been presented in this work. An innovative method known as Ant Colony Optimization (ACO), which is based on a soft computing technology, has been introduced [16]. It takes an attack graph and the individual exploit scores to generate an ideal attack path dynamically [13].…”

Section: Intrusion Optimal Path Attack Detectionmentioning

confidence: 99%

Intrusion Optimal Path Attack detection using ACO for Cloud Computing

Jaiganesh,

ShivajiRao,

Dhivya

et al. 2024

E3S Web Conf.

View full text Add to dashboard Cite

As the cloud infrastructure is simultaneously shared by millions of consumers, heinous use of cloud resources are also increasing. It makes ways to attackers to set up attacks by exploiting the vulnerabilities. And obviously, these attacks are leading to severe disasters as innocent consumers are unknowingly sharing cloud resources with harmful attackers. To prevent the occurrence of cloud attacks, attack graph based framework is proposed in this paper. Here, an attack path sketches an attack scenario by a streak of threats ranging in severity rating that shows how popular a particular cloud network service is in comparison. In a dynamic cloud environment, the proposed framework can disclose an optimal attack path thereby preventing cloud attacks. In cloud system the infrastructure is shared by potentially millions of users, which benefits the attackers to exploit vulnerabilities of the cloud. An instrument for analyzing multi-stage, multi-host assault scenarios in networks is the attack graph. It might not be possible for the administrator to patch every vulnerability n a large number of assault paths in an attack graph. The administrator might not be able to fix every vulnerability. To identify the most preferred or ideal assault path from a particular attack graph in a setting Ant Colony Optimization (ACO) algorithm is used.

show abstract

Section: Intrusion Optimal Path Attack Detectionmentioning

confidence: 99%

Intrusion Optimal Path Attack detection using ACO for Cloud Computing

Jaiganesh,

ShivajiRao,

Dhivya

et al. 2024

E3S Web Conf.

View full text Add to dashboard Cite

show abstract

“…Secondly, this technique's performance is not good enough when it deals with APT and zero-day vulnerabilities, because the interval of time series of HMM is slight less than the interval of APT and this method uses Common Vulnerability and Exposures (CVE) [10]. Ghosh et al [4] proposes an ACO-based defense strategy planning method. This method is similar as [6].…”

Section: Related Workmentioning

confidence: 99%

“…Thus, the optimal attack path cannot be modeled quickly, and in extreme cases, it may not be possible to determine the optimal attack path. In [4], authors use the ant colony optimization (ACO) approach to search the optimal attack path based on the minimal attack path [5], but ACO can easily fall into a local optimum. Reference [6] proposes a HMMbased attack graph generation method, and then authors use ACO-based algorithm to compute the optimal attack path.…”

Section: Introductionmentioning

confidence: 99%

A Dynamic Hidden Forwarding Path Planning Method Based on Improved Q-Learning in SDN Environments

Chen

2018

Security and Communication Networks

View full text Add to dashboard Cite

Currently, many methods are available to improve the target network's security. The vast majority of them cannot obtain an optimal attack path and interdict it dynamically and conveniently. Almost all defense strategies aim to repair known vulnerabilities or limit services in target network to improve security of network. These methods cannot response to the attacks in real-time because sometimes they need to wait for manufacturers releasing corresponding countermeasures to repair vulnerabilities. In this paper, we propose an improved Q-learning algorithm to plan an optimal attack path directly and automatically. Based on this path, we use software-defined network (SDN) to adjust routing paths and create hidden forwarding paths dynamically to filter vicious attack requests. Compared to other machine learning algorithms, Q-learning only needs to input the target state to its agents, which can avoid early complex training process. We improve Q-learning algorithm in two aspects. First, a reward function based on the weights of hosts and attack success rates of vulnerabilities is proposed, which can adapt to different network topologies precisely. Second, we remove the actions and merge them into every state that reduces complexity from ( 3 ) to ( 2 ). In experiments, after deploying hidden forwarding paths, the security of target network is boosted significantly without having to repair network vulnerabilities immediately.

show abstract

“…Such misinterpretations have been found to be very expensive in terms of both denial of service (DoS) and resource depletion (Thakar et al, 2010). To reduce the false alarms, alert correlation techniques (Cuppens and Miege, 2002;Ning et al, 2002) have been used to find which kind of attack actions may follow a given action (Ghosh et al, 2010;Debar and Wespi, 2001). But they could not tell the next likely action of the attacker.…”

Section: Introductionmentioning

confidence: 99%

BAIT: behaviour aided intruder testimony technique for attacker intention prediction in business data handling

Mallikarjunan¹,

Shalinie²,

Bhuvaneshwaran³

2019

IJBIDM

View full text Add to dashboard Cite

During business transactions there are lot of opportunity for data theft and data misinterpretation. Mostly, the legitimate users act like malicious users and try to misuse their privileges. So, it is very important to know their intentions and different strategies they apply for business data theft. In this paper, we develop an information analytics based technique for inferring attacker intent objectives and strategies (AIOS). The input to the model is the alert logs in real-world attack-defense scenario and output are the discovered attack strategies or patterns. The implementation of this model is done on a real-world attack-defence scenario to increase the learning efficiency of the technique. Experimental results on expected impact and attack path shows that the technique provides better results than conventional intrusion detection systems.

show abstract

An ACO Based Approach for Detection of an Optimal Attack Path in a Dynamic Environment

Cited by 4 publications

References 7 publications

Intrusion Optimal Path Attack detection using ACO for Cloud Computing

Intrusion Optimal Path Attack detection using ACO for Cloud Computing

A Dynamic Hidden Forwarding Path Planning Method Based on Improved Q-Learning in SDN Environments

BAIT: behaviour aided intruder testimony technique for attacker intention prediction in business data handling

Contact Info

Product

Resources

About