• DocumentCode
    1804902
  • Title

    A Markov multi-phase transferable belief model: An application for predicting data exfiltration APTs

  • Author

    Ioannou, Georgios ; Louvieris, Panos ; Clewley, Natalie ; Powell, Gavin

  • Author_Institution
    Brunel Univ., Uxbridge, UK
  • fYear
    2013
  • fDate
    9-12 July 2013
  • Firstpage
    842
  • Lastpage
    849
  • Abstract
    eXfiltration Advanced Persistent Threats (XAPTs) increasingly account for incidents concerned with intelligence information gathering by malicious adversaries. This research exploits the multi-phase nature of an XAPT, mapping its phases into a cyber attack kill chain. A novel Markov Multi-Phase Transferable Belief Model (MM-TBM) is proposed and demonstrated for fusing incoming evidence from a variety of sources which takes into account conflicting information. The MM-TBM algorithm predicts a cyber attacker's actions against a computer network and provides a visual representation of their footsteps.
  • Keywords
    Markov processes; computer network security; sensor fusion; MM-TBM; Markov multiphase transferable belief model; XAPTs; computer network; cyber attack kill chain; data exfiltration APT prediction; exfiltration advanced persistent threats; incoming evidence fusion; intelligence information gathering; malicious adversaries; phase mapping; visual footstep representation; Belief propagation; Computer networks; Malware; Markov processes; Prediction algorithms; Vectors; APT; Conflict Management; Cyber Security; Exfiltration; Information Fusion; TBM;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Fusion (FUSION), 2013 16th International Conference on
  • Conference_Location
    Istanbul
  • Print_ISBN
    978-605-86311-1-3
  • Type

    conf

  • Filename
    6641081