Automated Generation of Attack Signatures in Attack Graphs
Title | Automated Generation of Attack Signatures in Attack Graphs |
Publication Type | Presentation |
Year of Publication | 2016 |
Authors | Phuong Cao, University of Illinois at Urbana-Champaign |
Keywords | Data Driven Security Models and Analysis, factor graphs, NSA SoS Lablets Materials, science of security, UIUC |
Abstract | In this talk, we investigate applications of Factor Graphs to automatically generate attack signatures from security logs and domain expert knowledge. We demonstrate advantages of Factor Graphs over traditional probabilistic graphical models such as Bayesian Networks and Markov Random Fields in modeling security attacks. We illustrate Factor Graphs models using case studies of real attacks observed in the wild and at the National Center for Supercomputing Applications. Finally, we investigate how factor functions, a core component of Factor Graphs, can be constructed automatically to potentially improve detection accuracy and allow generalization of trained Factor Graph models in a variety of systems. |
Notes | Presentation for Information Trust Institute Joint Trust and Security/Science of Security Seminar at the University of Illinois at Urbana-Champaign on November 1, 2016. |
URL | https://recordings.engineering.illinois.edu:8443/ess/echo/presentation/d5d8b0aa-1ee0-4608-8c50-6d44a... |
Citation Key | node-31619 |
Attachment | Size |
---|---|
bytes |