Bayesian-Boolean Logic Security Assessment Model for Malware-Free Intrusions
Authors
Abstract
Attackers have come to leverage exploits precipitated by system vulnerabilities and lapses by using malware, which otherwise tends to be noisy because it generates unusual network traffic and system calls. Such noise is usually captured by intrusion detection systems. Malware-free intrusions, which generate little noise if any at all, are therefore especially attractive to APT actors: they covertly use normal applications, which makes them hard for intrusion detection systems to detect. In this paper, we consider malware-free intrusions by formulating representations of system security states using Boolean logic in the scenario of a backdoor attack that utilizes the system implementation of pre-authentication services. From the generated attack scenarios, we further derive a Bayesian security assessment model based on the environmental parameters of the experimental test-bed for the backdoor attack via RDP-based remote access. The malware-free intrusion based on the RDP backdoor attack is successfully run on five different versions of operating systems.
Similar resources
Malware Risk Analysis on the Campus Network with Bayesian Belief Network
A security network management system is for providing clear guidelines on risk evaluation and assessment for enterprise networks. The threat and risk assessment is conducted to safeguard enterprise network services to maintain system confidentiality, integrity, and availability through effective control strategies. In this paper, based on our previous work in analyzing integrated information se...
The Neglected Human Factor for Information Security Management
Effective information systems security management combines technological measures and managerial efforts. Although various technical means have been employed to cope with security threats, human factors have been comparatively neglected. This article examines human factors that can lead to social engineering intrusions. Social engineering is a technique used by malicious attackers to gain acces...
Risk Analysis of Operating Room Using the Fuzzy Bayesian Network Model
To enhance patient safety, we need effective methods for risk management. This work aims to propose an integrated approach to risk management for a hospital system. To improve patient safety, we should develop flexible methods where different aspects of risk and type of information are taken into consideration. This paper proposes a fuzzy Bayesian network to model and analyze risk in the op...
The Framework for Information Security Risk Network Management based on Bayesian Belief Decision Support System for Threat on the Campus
The security network management system is for providing clear guidelines on risk evaluation and assessment for enterprise networks. The risk evaluation is based on the relationships among the most critical assets, and threats that are likely to those assets and their vulnerability impacts. Threat and risk assessment are conducted for identifying the safeguards to be adapted in order to maintain...
Network Security Algorithms
Viruses, Worms and Trojan Horses, the malware zoo is growing every day. Hackers and Crackers try to penetrate computer systems, either for fun or for commercial benefit. Zombie-like creatures called Bots attack in the tens of thousands. Computer intrusions cause monetary as well as prestige losses. Countermeasures surely have to be taken, so a look at current technology and future outlines seem...
Journal title:
- I. J. Network Security
Volume 20, Issue
Pages -
Publication date: 2018