Cyber Attack and Defense Emulation Agents

2020 ◽  
Vol 10 (6) ◽  
pp. 2140
Author(s):  
Jeong Do Yoo ◽  
Eunji Park ◽  
Gyungmin Lee ◽  
Myung Kil Ahn ◽  
Donghwa Kim ◽  
...  

As the scale of systems and networks grows, IT infrastructure becomes more complex and harder to manage. Many organizations have serious problems managing their system and network security. In addition, the number of hardware and software vulnerabilities is increasing rapidly. In such a complex IT environment, security administrators need more practical and automated threat assessment methods to reduce their manual work. Adversary-emulation-based automated assessment is one solution to these problems, because it helps discover the attack paths and the vulnerabilities that would be exploited. However, performing adversary emulation is still inefficient, because it requires well-designed attack scenarios created by security experts. Besides, a manual penetration test cannot be performed frequently. To overcome this limitation, we propose an adversary emulation framework composed of a red team agent and a blue team agent. The red team agent carries out automated attacks based on scenarios automatically generated by the proposed framework. The blue team agent deploys defense measures in reaction to the red team agent’s attack patterns. To evaluate our framework, we test multiple attack scenarios on remote servers running various vulnerable software. In the experiment, we show that the red team agent can gain administrator privilege on the remote side when the blue team agent’s intervention is not enabled, and that the blue team agent can successfully block the red team’s incoming attack when it is enabled. As a result, we show that our proposed framework is beneficial for supporting routine threat assessment from the adversary’s perspective. It will be useful for security administrators in making security defense strategies based on the test results.

2021 ◽  
Vol 2074 (1) ◽  
pp. 012041
Author(s):  
Rui Wang ◽  
Yingxian Chang ◽  
Lei Ma ◽  
Hao Zhang ◽  
Xin Liu ◽  
...  

Computers have now become fully available to the public, and networks are used more and more widely in daily life; at the same time, the potential network security problems are becoming more and more serious. Some skilled computer users, in order to make money, crack the information of other individuals or companies, launching one network attack after another. Cyber attacks have become something ordinary people greatly fear because of their wide range, strong attack force and obvious concealment, which seriously threatens the security of personal information networks. If attacked in this way, the loss borne by a person or company is immeasurable. In order to maintain network security, the defense system is also improving day by day, and is finally taking the form of software. This paper mainly develops a detailed understanding of the border attack and defense system, and analyzes the main reasons for, and the inevitability of, the software implementation of the border attack and defense system.


Author(s):  
Stephen Moskal ◽  
Shanchieh Jay Yang ◽  
Michael E Kuhl

Existing research on cyber threat assessment focuses on analyzing the network vulnerabilities and producing possible attack graphs. Cyber attacks in real-world enterprise networks, however, vary significantly due to not only network and system configurations, but also the attacker’s strategies. This work proposes a cyber-based attacker behavior model (ABM) in conjunction with the Cyber Attack Scenario and Network Defense Simulator to model the interaction between the network and the attackers. The ABM leverages a knowledge-based design and factors in the capability, opportunity, intent, preference, and Cyber Attack Kill Chain integration to model various types of attackers. By varying the types of attackers and the network configurations, and simulating their interactions, we present a method to measure the overall network security against cyber attackers under different scenarios. Simulation results based on four attacker types on two network configurations are shown to demonstrate how different attacker behaviors may lead to different ways to penetrate a network, and how a single misconfiguration may impact network security.


2021 ◽  
Vol 8 (3) ◽  
pp. 517
Author(s):  
Herri Setiawan ◽  
M. Agus Munandar ◽  
Lastri Widya Astuti

Network security issues are increasingly a concern today. There are more and more tools and techniques that can be used to enter systems illegally, crippling the existing system. This can happen because of loopholes and the absence of a security system protecting it, so that the system becomes vulnerable to attack. Recognizing attack patterns on the network is one effort to make such attacks identifiable, making it easier for the network administrator to handle them when an attack occurs. One technique that can be used in network security, because it can detect attacks in real time, is the Intrusion Detection System (IDS), which can help administrators detect incoming attacks. This study uses a signature-based method and tests it using simulation. Incoming data packets are assessed as to whether they are dangerous or not, and then several rules are used to find the best accuracy value. The rules used, based on the training and test results, produced 60% training and 50% test results for rule 1, 50% training and 75% test results for rule 2, 75% training and test results for rule 3, 25% training and test results for rule 4, and 50% training and test results for rule 5. Testing with this signature-based method was able to recognize attack data patterns over the TCP and UDP protocols, and the monitoring that was built was able to detect all attacks with a web-based display.


Author(s):  
Michal Shlapentokh-Rothman ◽  
Jonathan Kelly ◽  
Avital Baral ◽  
Erik Hemberg ◽  
Una-May O'Reilly

Author(s):  
Wang Yang ◽  
Liu Dong ◽  
Wang Dong ◽  
Xu Chun

The current method of generating power network security defense strategies ignores the dependency relationships between nodes, resulting in a closed-loop attack graph; this prevents the defense strategy from generating an attack path, leading to poor defense effect and long response times when generating the power network security defense strategy. To address this problem, a method for generating power network security defense strategies based on a Markov decision process is proposed. Starting from the generated network attack and defense diagram, the paper describes the state changes of the attacked network using the principles of the Markov decision process, introduces a discount factor, calculates the payoff values of the attack and defense game process, constructs an evolutionary game model of attack and defense, solves the objective function according to dynamic programming theory, obtains the optimal strategy set, outputs the final results, and generates the power network security defense strategy. The experimental results show that the proposed method has good defense effect and can effectively shorten the response time for generating power network security defense strategies.


Geo-Risk 2017 ◽  
2017 ◽  
Author(s):  
Salahudeen A. Bunyamin ◽  
Ijimdiya S. Thomas ◽  
Eberemu O. Adrian ◽  
Osinubi J. Kolawole
