Title :
Evaluating Threat Assessment for Multi-Stage Cyber Attacks
Author :
Yang, Shanchieh Jay ; Holsopple, Jared ; Sudit, Moises
Author_Institution :
Rochester Inst. of Technol., NY
Abstract :
Current practices to defend against cyber attacks are typically reactive yet passive. Recent research work has been proposed to proactively predict hacker´s target entities in the early stage of the attack. With prediction, there comes false alarms and missed attacks. Very little has been reported on how to evaluate a threat assessment algorithm, especially for cyber security. Because of the variety and the constantly changing nature of hacker behavior and network vulnerabilities, a cyber threat assessment algorithm is, perhaps more susceptible that for other application domains. This work sets forth the issues on evaluating cyber threat assessment algorithms, and discusses the validity of various statistical measures. Simulation examples are provided to illustrate the pros and cons of using different metrics under various cyber attack scenarios. Our results show that commonly used false positives and false negatives are necessary but not sufficient to evaluate cyber threat assessment
Keywords :
computer crime; statistical analysis; multistage cyber attack; statistical measure; threat assessment algorithm; Computational modeling; Computer hacking; Computer networks; Computer security; Educational institutions; Filters; Intrusion detection; Military computing; Physics computing; Safety;
Conference_Titel :
Military Communications Conference, 2006. MILCOM 2006. IEEE
Conference_Location :
Washington, DC
Print_ISBN :
1-4244-0617-X
Electronic_ISBN :
1-4244-0618-8
DOI :
10.1109/MILCOM.2006.302216
