Title :
On Coverage-Based Attack Profiles
Author :
Rivers, Anthony Thyron ; Vouk, M.A. ; Williams, Laurie A.
Author_Institution :
North Carolina State Univ., Raleigh, NC, USA
fDate :
June 30 2014-July 2 2014
Abstract :
Automated cyber attacks tend to be schedule and resource limited. The primary progress metric is often "coverage" of pre-determined "known" vulnerabilities that may not have been patched, along with possible zero-day exploits (if such exist). We present and discuss a hypergeometric process model that describes such attack patterns. We used web request signatures from the logs of a production web server to assess the applicability of the model.
Keywords :
Internet; security of data; Web request signatures; attack patterns; coverage-based attack profiles; cyber attacks; hypergeometric process model; production Web server; zero-day exploits; Computational modeling; Equations; IP networks; Mathematical model; Software; Software reliability; Testing; attack; coverage; models; profile; security;
Conference_Titel :
Software Security and Reliability-Companion (SERE-C), 2014 IEEE Eighth International Conference on
Conference_Location :
San Francisco, CA
DOI :
10.1109/SERE-C.2014.15
