Abstract
The different types of cyber-attacks on information and telecommunications systems are becoming increasingly sophisticated and complex, with several defined phases (attack pattern). Therefore, it is necessary to research and develop new infrastructures to understand and detect them. This work addresses the design and implementation of a system capable of detecting, analyzing, modeling and visualizing attack patterns in real time to build a dataset with labeled events attacks. The system consists of the three subsystems, detection of attack events subsystem; attack events analysis subsystem to model active patterns based on Common Attack Pattern Enumeration and Classification (CAPEC) definitions; and the attack pattern visualization subsystem. The results obtained from the attacks carried out over a period of six months under a series of assumptions are shown. These results have allowed the construction of a dataset with attack events labelled according to the possible attack patterns to which they belong. The developed system can provide an organization with a very real situational awareness of the cybersecurity situation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
