
Evaluation of Attackers’ Skill Levels in Multi-Stage Attacks

Faculty of Science, Pavol Jozef Šafárik University in Košice, 040 01 Košice, Slovakia
This paper is an extended version of our paper published in International Workshop on Systems Safety and Security—IWSSS 2019, Pitesti, Romania, 27–29 June 2019.
Information 2020, 11(11), 537; https://doi.org/10.3390/info11110537
Received: 1 October 2020 / Revised: 14 November 2020 / Accepted: 17 November 2020 / Published: 19 November 2020
(This article belongs to the Special Issue Advanced Topics in Systems Safety and Security)
The rapid move to digitalization and usage of online information systems brings new and evolving threats that organizations must protect themselves from and respond to. Monitoring an organization’s network for malicious activity has become a standard practice together with event and log collection from network hosts. Security operation centers deal with a growing number of alerts raised by intrusion detection systems that process the collected data and monitor networks. The alerts must be processed so that the relevant stakeholders can make informed decisions when responding to situations. Correlation of alerts into more expressive intrusion scenarios is an important tool in reducing false-positive and noisy alerts. In this paper, we propose correlation rules for identifying multi-stage attacks. Another contribution of this paper is a methodology for inferring from an alert the values needed to evaluate the attack in terms of the attacker’s skill level. We present our results on the CSE-CIC-IDS2018 data set.
Keywords: alert correlation; attack evaluation; attacker skill level
MDPI and ACS Style

Mézešová, T.; Sokol, P.; Bajtoš, T. Evaluation of Attackers’ Skill Levels in Multi-Stage Attacks. Information 2020, 11, 537. https://doi.org/10.3390/info11110537
