Abstract
Cyber deception techniques are being used for the proactive defense against attacks. Several techniques were proposed in the literature to address the optimal and intelligent deployment of deception techniques but are unable to consider at the same time the wide sets of threats and defense data (attack tactics, techniques, exploited vulnerabilities, affected machines, generated traces), and the high uncertainty facing the selection of cyber deception resources and their locations. In this work, we provide a multi-layer graph that describes an attack with multi-views: a sequence of vulnerabilities, weaknesses, techniques and tactics. Based on this modeling, we provide algorithms for attack scenarios extraction, metrics for attack scenarios ranking and selection, and analytics for deception techniques assessment and comparison. Finally, a case study is presented to illustrate the efficiency of the proposed model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zhang, L., Thing, V.L.: Three decades of deception techniques in active cyber defense-retrospect and outlook. Comput. Secur. 106, 102288 (2021)
Duan, Q., Al-Shaer, E., Islam, M., Jafarian, H.: Conceal: a strategy composition for resilient cyber deception-framework, metrics and deployment. In: 2018 IEEE Conference on Communications and Network Security (CNS), pp. 1–9. IEEE (2018)
Wang, S., Pei, Q., Wang, J., Tang, G., Zhang, Y., Liu, X.: An intelligent deployment policy for deception resources based on reinforcement learning. IEEE Access 8, 35792–35804 (2020)
Barrère, M., Steiner, R. V., Mohsen, R., Lupu, E.C.: Tracking the bad guys: an efficient forensic methodology to trace multi-step attacks using core attack graphs. In: 2017 13th International Conference on Network and Service Management, pp. 1–7. IEEE (2017)
Shuo, W., Jianhua, W., Guangming, T., Qingqi, P., Yuchen, Z., Xiaohu, L: intelligent and efficient method for optimal penetration path generation. J. Comput. Res. Dev. 56(5), 929 (2019)
Mcgee, F., Ghoniem, M., Melançon, G., Otjacques, B., Pinaud, B.: The state of the art in multilayer network visualization. In: Computer Graphics Forum, vol. 38, no. 6, pp. 125–149 (2019)
Hemberg, E., et al.: Linking threat tactics, techniques, and patterns with defensive weaknesses, vulnerabilities and affected platform configurations for cyber hunting. arXiv preprint arXiv:2010.00533 (2020)
De Blasi, S.: Mapping MITRE ATT&CK to the WannaCry Campaign (2021)
Acknowledgment
This project is carried out under the MOBIDOC scheme, funded by the Ministry of Higher Education and Scientific Research through the PromEssE project and managed by the ANPR.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sayari, A., Djemaiel, Y., Rekhis, S., Mabrouk, A., Jerbi, B. (2022). Attack Modeling and Cyber Deception Resources Deployment Using Multi-layer Graph. In: Barolli, L., Hussain, F., Enokido, T. (eds) Advanced Information Networking and Applications. AINA 2022. Lecture Notes in Networks and Systems, vol 450. Springer, Cham. https://doi.org/10.1007/978-3-030-99587-4_48
Download citation
DOI: https://doi.org/10.1007/978-3-030-99587-4_48
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-99586-7
Online ISBN: 978-3-030-99587-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)