Cybersecurity: A Survey of Vulnerability Analysis and Attack Graphs

Lahcen, Rachid Ait Maalem; Mohapatra, R. N.; Kumar, Manish

doi:10.1007/978-981-13-2095-8_9

Cited by 4 publications

(3 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The service 0 is stopped in host 1, resulting the only change in the NW as shown in boldface. Then, the defender takes an action (2,1), indicating the action to stop service 1 on host 2. This action results in a change in the network status, as shown in boldface.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Secure-by-synthesis network with active deception and temporal logic specifications

Fu,

Kulkarni,

Luo

et al. 2020

Preprint

View full text Add to dashboard Cite

This paper is concerned with the synthesis of strategies in network systems with active cyber deception. Active deception in a network employs decoy systems and other defenses to conduct defensive planning against the intrusion of malicious attackers who have been confirmed by sensing systems. In this setting, the defender's objective is to ensure the satisfaction of security properties specified in temporal logic formulas. We formulate the problem of deceptive planning with decoy systems and other defenses as a two-player games with asymmetrical information and Boolean payoffs in temporal logic. We use level-2 hypergame with temporal logic objectives to capture the incomplete/incorrect knowledge of the attacker about the network system as a payoff misperception. The true payoff function is private information of the defender. Then, we extend the solution concepts of ω-regular games to analyze the attacker's rational strategy given her incomplete information. By generalizing the solution of level-2 hypergame in the normal form to extensive form, we extend the solutions of games with safe temporal logic objectives to decide whether the defender can ensure security properties to be satisfied with probability one, given any possible strategy that is perceived to be rational by the attacker. Further, we use the solution of games with co-safe (reachability) temporal logic objectives to determine whether the defender can engage the attacker, by directing the attacker to a high-fidelity honeypot. The effectiveness of the proposed synthesis methods is illustrated with synthetic network systems with honeypots.

show abstract

Section: Resultsmentioning

confidence: 99%

“…A post-condition is a logical formula describes the effect of an action in the network system. Various approaches to attack graph generation have been proposed (see a recent survey [1]).…”

Section: A the Game Arena Of Cyber-deception Gamementioning

confidence: 99%

Secure-by-synthesis network with active deception and temporal logic specifications

Fu,

Kulkarni,

Luo

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…Once an attacker has access to the network's first level, they will attempt to breach every defensive system level. To identify vulnerabilities before the attackers do, the defender needs to be more driven to investigate security at all levels utilizing tools [25].…”

Section: Conceptsmentioning

confidence: 99%

Insights into Cybercrime Detection and Response: A Review of Time Factor

Taherdoost

2024

Information

View full text Add to dashboard Cite

Amidst an unprecedented period of technological progress, incorporating digital platforms into diverse domains of existence has become indispensable, fundamentally altering the operational processes of governments, businesses, and individuals. Nevertheless, the swift process of digitization has concurrently led to the emergence of cybercrime, which takes advantage of weaknesses in interconnected systems. The growing dependence of society on digital communication, commerce, and information sharing has led to the exploitation of these platforms by malicious actors for hacking, identity theft, ransomware, and phishing attacks. With the growing dependence of organizations, businesses, and individuals on digital platforms for information exchange, commerce, and communication, malicious actors have identified the susceptibilities present in these systems and have begun to exploit them. This study examines 28 research papers focusing on intrusion detection systems (IDS), and phishing detection in particular, and how quickly responses and detections in cybersecurity may be made. We investigate various approaches and quantitative measurements to comprehend the link between reaction time and detection time and emphasize the necessity of minimizing both for improved cybersecurity. The research focuses on reducing detection and reaction times, especially for phishing attempts, to improve cybersecurity. In smart grids and automobile control networks, faster attack detection is important, and machine learning can help. It also stresses the necessity to improve protocols to address increasing cyber risks while maintaining scalability, interoperability, and resilience. Although machine-learning-based techniques have the potential for detection precision and reaction speed, obstacles still need to be addressed to attain real-time capabilities and adjust to constantly changing threats. To create effective defensive mechanisms against cyberattacks, future research topics include investigating innovative methodologies, integrating real-time threat intelligence, and encouraging collaboration.

show abstract