Towards an Operational Semantic Theory of Cyber Defense Against Advanced Persistent Threats
نویسندگان
چکیده
This paper presents current work on developing an operational semantic theory of cyber defense against advanced persistent threats (APTs), which is grounded in cyber threat analytics, science of evidence, knowledge engineering, and machine learning. After introducing advanced persistent threats, it overviews a systematic APT detection framework and the corresponding APT detection models, the formal representation and learning of these models in the knowledge base of a cognitive agent, and the development and integration of such agents into a specific cyber security operation center. advanced persistent threat, cyber threat analytics, cognitive assistant, evidence-based reasoning, knowledge-based learning, ontology, argumentation models, symbolic probabilities.
منابع مشابه
Defend against advanced persistent threats: An optimal control approach
The new cyber attack pattern of advanced persistent threats (APTs) poses a serious threat to cyberspace. This paper addresses the issue of defending against APTs in a cost-effective way. First, the APT-based cyber attack-defense processes are modeled as a type of differential dynamical systems. Then, the cyber defense problem is modeled as an optimal control problem. The optimal control problem...
متن کاملApplication of Stochastic Optimal Control, Game Theory and Information Fusion for Cyber Defense Modelling
The present paper addresses an effective cyber defense model by applying information fusion based game theoretical approaches. In the present paper, we are trying to improve previous models by applying stochastic optimal control and robust optimization techniques. Jump processes are applied to model different and complex situations in cyber games. Applying jump processes we propose some m...
متن کاملBirhanu Eshete
My research interests span the areas of systems security, cyber-crime analysis, big-data security analytics, and machine learning for security. In systems security, I particularly focus on the analysis and detection of advanced and persistent threats, web application security, and web-borne malware defense. In cyber-crime analysis, I focus on malicious sites/URLs, exploit kits, and ransomware. ...
متن کاملCyber Threat Indications & Warning: Predict, Identify and Counter
Crime has typically converged with aspects of warfare. This symbiotic relationship further complicates the broad battle-space understanding for early warning vigilance or defensive and offensive maneuvers against nebulous networks and masked relationships of convenience or ideology. The asymmetric cyber domain platform as an adversary’s tool to combat a foe unconventionally in a criminal, haras...
متن کاملFIRED: Frequent Inertial Resets with Diversification for Emerging Commodity Cyber-Physical Systems
A Cyber-Physical System (CPS) is defined by its unique characteristics involving both the cyber and physical domains. Their hybrid nature introduces new attack vectors, but also provides an opportunity to design new security defenses. In this paper, we present a new domain-specific security mechanism, FIRED, that leverages physical properties such as inertia of the CPS to improve security. FIRE...
متن کامل