43,327 research outputs found
Multi-Layer Cyber-Physical Security and Resilience for Smart Grid
The smart grid is a large-scale complex system that integrates communication
technologies with the physical layer operation of the energy systems. Security
and resilience mechanisms by design are important to provide guarantee
operations for the system. This chapter provides a layered perspective of the
smart grid security and discusses game and decision theory as a tool to model
the interactions among system components and the interaction between attackers
and the system. We discuss game-theoretic applications and challenges in the
design of cross-layer robust and resilient controller, secure network routing
protocol at the data communication and networking layers, and the challenges of
the information security at the management layer of the grid. The chapter will
discuss the future directions of using game-theoretic tools in addressing
multi-layer security issues in the smart grid.Comment: 16 page
ATTACK2VEC: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks
Despite the fact that cyberattacks are constantly growing in complexity, the
research community still lacks effective tools to easily monitor and understand
them. In particular, there is a need for techniques that are able to not only
track how prominently certain malicious actions, such as the exploitation of
specific vulnerabilities, are exploited in the wild, but also (and more
importantly) how these malicious actions factor in as attack steps in more
complex cyberattacks. In this paper we present ATTACK2VEC, a system that uses
temporal word embeddings to model how attack steps are exploited in the wild,
and track how they evolve. We test ATTACK2VEC on a dataset of billions of
security events collected from the customers of a commercial Intrusion
Prevention System over a period of two years, and show that our approach is
effective in monitoring the emergence of new attack strategies in the wild and
in flagging which attack steps are often used together by attackers (e.g.,
vulnerabilities that are frequently exploited together). ATTACK2VEC provides a
useful tool for researchers and practitioners to better understand cyberattacks
and their evolution, and use this knowledge to improve situational awareness
and develop proactive defenses
Attack2vec: Leveraging temporal word embeddings to understand the evolution of cyberattacks
Despite the fact that cyberattacks are constantly growing in complexity, the research community still lacks effective tools to easily monitor and understand them. In particular, there is a need for techniques that are able to not only track how prominently certain malicious actions, such as the exploitation of specific vulnerabilities, are exploited in the wild, but also (and more importantly) how these malicious actions factor in as attack steps in more complex cyberattacks. In this paper we present ATTACK2VEC, a system that uses temporal word embeddings to model how attack steps are exploited in the wild, and track how they evolve. We test ATTACK2VEC on a dataset
of billions of security events collected from the customers of a commercial Intrusion Prevention System over a period of two years, and show that our approach is effective in monitoring the emergence of new attack strategies in the wild and in flagging which attack steps are often used together by attackers (e.g., vulnerabilities that are frequently exploited together). ATTACK2VEC provides a useful tool for researchers and practitioners to better
understand cyberattacks and their evolution, and use this knowledge to improve situational awareness and develop proactive defenses.Accepted manuscrip
- …