Title | SecKG: Leveraging attack detection and prediction using knowledge graphs |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Kriaa, Siwar, Chaabane, Yahia |
Conference Name | 2021 12th International Conference on Information and Communication Systems (ICICS) |
Date Published | May |
Keywords | advanced persistent threat, attack detection, Attack Modeling, attack prediction, cyber threat intelligence, Focusing, Human Behavior, Industries, Knowledge graphs, machine learning, Malware, Metrics, Predictive models, pubcrawl, Real-time Systems, Resiliency, Scalability |
Abstract | Advanced persistent threats targeting sensitive corporations are today becoming stealthier and more complex, coordinating different attack steps and lateral movements, and trying to stay undetected for a long time. Classical security solutions that rely on signature-based detection can be easily thwarted by malware using obfuscation and encryption techniques. More recent solutions use machine learning approaches to detect outliers. Nevertheless, the majority of them reason on tabular, unstructured data, which can lead to missing obvious conclusions. We propose in this paper a novel approach that leverages a combination of both knowledge graphs and machine learning techniques to detect and predict attacks. Using Cyber Threat Intelligence (CTI), we built a knowledge graph that processes event logs in order not only to detect attack techniques, but also to learn how to predict them. |
DOI | 10.1109/ICICS52457.2021.9464587 |
Citation Key | kriaa_seckg_2021 |