Identification of Attack Paths Using Kill Chain and Attack Graphs

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216224:14610/22:00125603 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F22%3A00125603)

  • Result on the web

    http://dx.doi.org/10.1109/NOMS54207.2022.9789803

  • DOI - Digital Object Identifier

    10.1109/NOMS54207.2022.9789803

Alternative languages

  • Result language

    English

  • Original language name

    Identification of Attack Paths Using Kill Chain and Attack Graphs

  • Original language description

    The ever-evolving capabilities of cyber attackers force security administrators to focus on the early identification of emerging threats. Targeted cyber attacks usually consist of several phases, from initial reconnaissance of the network environment to final impact on objectives. This paper investigates the identification of multi-step cyber threat scenarios using kill chain and attack graphs. Kill chain and attack graphs are threat modeling concepts that enable determining weak security defense points. We propose a novel kill chain attack graph that merges kill chain and attack graphs together. This approach determines possible chains of attacker’s actions and their materialization within the protected network. The graph generation uses a categorization of threats according to violated security properties. The graph allows determining the kill chain phase the administrator should focus on and applicable countermeasures to mitigate possible cyber threats. We implemented the proposed approach for a predefined range of cyber threats, especially vulnerability exploitation and network threats. The approach was validated on a real-world use case. Publicly available implementation contains a proof-of-concept kill chain attack graph generator.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

  • Continuities

    S - Specific research at universities

Others

  • Publication year

    2022

  • Confidentiality

    S - Complete and truthful data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Article name in the collection

    NOMS 2022 - 2022 IEEE/IFIP Network Operations and Management Symposium

  • ISBN

    9781665406017

  • ISSN

    1542-1201

  • e-ISSN

  • Number of pages

    6

  • Pages from-to

    1-6

  • Publisher name

    IEEE Xplore Digital Library

  • Place of publication

    Budapest, Hungary

  • Event location

    Budapest, Hungary

  • Event date

    Jan 1, 2022

  • Type of event by nationality

    CST - National event

  • UT code for WoS article

    000851572700059