Abstract
AbstractCyber deception techniques are being used for the proactive defense against attacks. Several techniques were proposed in the literature to address the optimal and intelligent deployment of deception techniques but are unable to consider at the same time the wide sets of threats and defense data (attack tactics, techniques, exploited vulnerabilities, affected machines, generated traces), and the high uncertainty facing the selection of cyber deception resources and their locations. In this work, we provide a multi-layer graph that describes an attack with multi-views: a sequence of vulnerabilities, weaknesses, techniques and tactics. Based on this modeling, we provide algorithms for attack scenarios extraction, metrics for attack scenarios ranking and selection, and analytics for deception techniques assessment and comparison. Finally, a case study is presented to illustrate the efficiency of the proposed model.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
