Article details | |
Article title | Bayesian network based weighted APT attack paths modeling in cloud computing |
Published | 2019 |
Pages (English article) | 34 pages |
Database | Elsevier |
Article type | Research Article |
Base article | This is not a base article |
Indexing | Scopus – Master Journals List – JCR |
Article category | ISI |
Impact factor (IF) | 7.007 in 2018 |
H-index | 93 in 2019 |
SJR | 0.835 in 2018 |
ISSN | 0167-739X |
Quartile | Q1 in 2018 |
Related fields | Computer engineering |
Related specializations | Cloud computing |
Presentation type | Journal |
Journal / conference | Future Generation Computer Systems |
University | Department of Computer Science and Technology, University of Science and Technology Beijing, 100083, China |
Keywords | attack path, advanced persistent threats, cloud computing, Bayesian attack network, exploit, vulnerability |
DOI | https://doi.org/10.1016/j.future.2019.02.045 |
Table of contents: |
Abstract 1. Introduction 2. Threat model and attack path formalizations 3. Bayesian Network and Attacker’s Behavior Modeling 4. Path derivation and illustrative results 5. Conclusion Acknowledgment Research Data References |
Excerpt from the article: |
Abstract

Security vulnerabilities exhibited in cloud computing components and technologies not limited to hypervisors, virtual machines, and virtualization present a major security concern. The primary challenge has been to characterize interlinked attack paths generated by Advanced Persistent Threat (APT) attackers upon exploitation of vulnerabilities exhibited in cloud components. We propose a Bayesian network based weighted attack paths modeling technique to model these attack paths. In our approach, we employ quantitative induction to express weighted attack paths. We chain marginal and conditional probabilities together to characterize multiple attack paths from the attack source to the target node. In so doing, we evaluate the likelihood of an APT occurring in a given path. Furthermore, we propose an optimized algorithm to find the shortest attack path from multiple sources based on key nodes and key edges. The algorithm not only finds the shortest path but also resolves any existing ties amongst paths of equal weights. We characterize the attack time expense of the APT attack by modeling the associated atomic attack events in a path as Poisson variables obeying the Erlang distribution. The attack time expense is classified into three different levels; High, Medium and Low. We use the WannaCry ransomware attack to evaluate our model.

Introduction

Security presents a major concern echoed by many organizations migrating to cloud computing [1]. With the advent of e-governance, different governments likewise are switching to cloud computing and this has inadvertently attracted Advanced Persistent Threat (APT) attackers who target big corporations and governments [2]. APT attackers possess high levels of technical skills and have extensive resources at their disposal and this has enabled them to effectuate sophisticated stealthy reconnaissance, surveillance and data exfiltration attacks with little traceability if any at all.

This profile of attackers has come to exploit vulnerabilities exhibited in cloud computing components not limited to hypervisors, virtual machines, virtual routers etc., to reach the otherwise secured or unreachable resources. Virtualization, for example, which is the foundation of most cloud offerings [3], has a myriad of attack vectors targeting virtual machines whether at rest in the cloud data centers or during migration on the network. Attacks on such a level of detail require highly skilled threat actors, hence APTs. Traversal of vulnerable cloud components during an attack generates virtual attack paths which depict dependencies shared amongst the exploited vulnerabilities. Attack paths have been widely studied [4-7] in literature using different approaches. However, most of the studies apply to generic network environments with discrete network devices as opposed to virtualized cloud computing devices [8]. Bayesian networks have been employed to study attack paths but they suffer from attack cycles which typically occur in real-world scenarios due to the interleaving of reconnaissance and active APT attack stages. |