Predicting the Difficulty of Compromise through How Attackers Discover Vulnerabilities

PI(s), Co-PI(s), Researchers:

PI: Andrew Meneely; Co-PI: Laurie Williams; Researchers: Nuthan Munaiah and Nasif Imtiaz

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

  • Metrics

PUBLICATIONS
Papers written as a result of your research from the current quarter only.

  • None

KEY HIGHLIGHTS
Each effort should submit one or two specific highlights. Each item should include a paragraph or two along with a citation if available. Write as if for the general reader of IEEE S&P.
The purpose of the highlights is to give our immediate sponsors a body of evidence that the funding they are providing (in the framework of the SoS lablet model) is delivering results that "more than justify" the investment they are making.

  • We have collected 9 terabytes and over a billion events from CPTC 2019 Regionals and CPTC 2019 Nationals. Having been more involved with the instrumentation this time, we have an even better look at what attackers are doing in a controlled, competition environment. We are currently adapting our CPTC 2018 observations to queries so that we can extract timelines even faster for the 2019 data set.
  • We have conducted a literature search on existing stochastic models of attacker behavior and believe we know the existing literature on the topic. None of the approaches has a data set as fine-grained as ours, and many of the models were theoretical to begin with. Using what we have learned from these theoretical models, we are developing our own stochastic models for simulating attacker behavior. If we can develop these models and use CPTC data to train them, we can accurately predict which vulnerabilities are more discoverable based on various conditions.

COMMUNITY ENGAGEMENT

  • None

EDUCATIONAL ADVANCES

  • None