A Framework for Generation, Replay, and Analysis of Real-world Attack Variants

Title: A Framework for Generation, Replay, and Analysis of Real-world Attack Variants
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Cao, Phuong; Badger, Eric C.; Kalbarczyk, Zbigniew T.; Iyer, Ravishankar K.
Conference Name: Proceedings of the Symposium and Bootcamp on the Science of Security
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-4277-3
Keywords: pubcrawl, Resiliency, Scalability, signature based defense
Abstract:

This paper presents a framework for (1) generating variants of known attacks, (2) replaying attack variants in an isolated environment, and (3) validating detection capabilities of attack detection techniques against the variants. Our framework facilitates reproducible security experiments. We generated 648 variants of three real-world attacks (observed at the National Center for Supercomputing Applications at the University of Illinois). Our experiment showed the value of generating attack variants by quantifying the detection capabilities of three detection methods: a signature-based detection technique, an anomaly-based detection technique, and a probabilistic graphical model-based technique.

URL: http://doi.acm.org/10.1145/2898375.2898392
DOI: 10.1145/2898375.2898392
Citation Key: cao_framework_2016