Active, Reactive and Proactive Visibility-Based Cyber Defense For Defending Against Attacks On Critical Systems | IEEE Conference Publication | IEEE Xplore

Active, Reactive and Proactive Visibility-Based Cyber Defense For Defending Against Attacks On Critical Systems


Abstract:

Ensuring cyber systems security requires the deployment of security solutions to prevent attacks occurrence, and the development of techniques to collect and analyze evid...Show More

Abstract:

Ensuring cyber systems security requires the deployment of security solutions to prevent attacks occurrence, and the development of techniques to collect and analyze evidences to prove attack occurrence. A main challenge that faces investigators is the incompleteness of the generated evidences in addition to the complexity of their analysis. Thus, we propose in this paper a cyber defense system, which is capable of analyzing evidences and proving system compromise. The proof can be done even if the damage property is unobservable, and a set of incomplete evidences are collected under a predefined context. In this work, we propose a Visibility-based cyber defense solution to make it possible for the developed defense system to deduce which attack scenarios could be proactively, reactively or instantaneously detected under a predefined context starting from an attack model based on attackers' capabilities. The model allows to cope with the distributed and evolving nature of security attacks. Starting from the different Visibility properties developed in this paper, a set of witness scenarios can be extracted and used for the proactive detection of attacks on the supervised systems, by a network of distributed observer agents. A case study is presented to exemplify the proposal and show its effectiveness.
Date of Conference: 15-19 June 2020
Date Added to IEEE Xplore: 27 July 2020
ISBN Information:

ISSN Information:

Conference Location: Limassol, Cyprus

Contact IEEE to Subscribe

References

References is not available for this document.