Intelligent Cyber Security Analysis in Enterprise Networks

Authors

  • Jason H. Li
  • Renato Levy
  • Peng Liu
Abstract

In this paper, we position the correct way of using graphical models for enhancing cyber security analysis in enterprise networks. Graphical models can be powerful in representation, analysis and visualization. We describe the need of introducing “intelligence” in security analysis, followed by a critical review of state-of-the-art attack graph approaches. Such review leads to the lessons learned during attack graph research and motivates our unique vision of how we should use graphical models for effective and efficient security anal-

Similar resources

Detecting Bot Networks Based On HTTP And TLS Traffic Analysis

Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...

Towards the development of a Cyber-Intelligent Enterprise System Architecture

Although the concept of Cyber Intelligent Enterprise is largely based on Cyber Physical Systems (CPS), research in adjacent fields, like Internet of Things (IoT), is also important as it provides a valuable set of system architectures and integration techniques. The current socio-economic context provides the perfect opportunity for the development of a new breed of enterprise system architectur...

Towards a Game-theoretic Framework for Intelligent Cyber-security Alert Allocation

In recent years, there have been a number of successful cyber attacks on enterprise networks by malicious actors. These attacks generate alerts which must be investigated by cyber analysts to determine if they are an attack. Unfortunately, there are magnitude more alerts than cyber analysts, a trend expected to continue into the future, creating a need to find optimal assignments of the incoming ...

Don't Bury your Head in Warnings: A Game-Theoretic Approach for Intelligent Allocation of Cyber-security Alerts

In recent years, there have been a number of successful cyber attacks on enterprise networks by malicious actors. These attacks generate alerts which must be investigated by cyber analysts to determine if they are an attack. Unfortunately, there are magnitude more alerts than cyber analysts, a trend expected to continue into the future, creating a need to find optimal assignments of the incoming ...

Bringing Security Proactively Into the Enterprise

Prevailing network architectures are designed for openness, collaboration, and sharing. The majority of viruses and worms use the network to spread rapidly through the enterprise network, enabling these cyber threats to reach their targets effortlessly. The most common solution available today for cyber security is hardening of systems via “patching” or keeping the operating systems, applicatio...

Publication date: 2007