DRAŠAR, Martin, Stephen MOSKAL, Shanchieh Jay YANG and Pavol ZAŤKO. Session-level Adversary Intent-Driven Cyberattack Simulator. Online. In Dusan Maga, Jiri Haek. DS-RT '20: Proceedings of the IEEE/ACM 24th International Symposium on Distributed Simulation and Real Time Applications. Praha: IEEE, 2020, p. 7-15. ISBN 978-1-7281-7343-6.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Session-level Adversary Intent-Driven Cyberattack Simulator
Name in Czech Simulátor kyberútoků řízený z pohledu útočníkova záměru
Authors DRAŠAR, Martin (203 Czech Republic, guarantor, belonging to the institution), Stephen MOSKAL (840 United States of America), Shanchieh Jay YANG (840 United States of America) and Pavol ZAŤKO (703 Slovakia).
Edition Praha, DS-RT '20: Proceedings of the IEEE/ACM 24th International Symposium on Distributed Simulation and Real Time Applications, p. 7-15, 9 pp. 2020.
Publisher IEEE
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10201 Computer sciences, information science, bioinformatics
Country of publisher United States of America
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
WWW URL
RIV identification code RIV/00216224:14610/20:00116424
Organization unit Institute of Computer Science
ISBN 978-1-7281-7343-6
UT WoS 000628982300002
Keywords in English discrete event simulation;adversarial behavior;cyberattack
Tags core_B, rivok
Tags International impact, Reviewed
Changed by Changed by: Mgr. Alena Mokrá, učo 362754. Changed: 27/4/2021 16:09.
Abstract
Recognizing the need for proactive analysis of cyber adversary behavior, this paper presents a new event-driven simulation model and implementation to reveal the efforts needed by attackers who have various entry points into a network. Unlike previous models which focus on the impact of attackers' actions on the defender's infrastructure, this work focuses on the attackers' strategies and actions. By operating on a request-response session level, our model provides an abstraction of how the network infrastructure reacts to access credentials the adversary might have obtained through a variety of strategies. We present the current capabilities of the simulator by showing three variants of Bronze Butler APT on a network with different user access levels.
Links
EF16_019/0000822, research and development projectName: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur
PrintDisplayed: 7/10/2024 01:19