            A Context-based Defense Model for Assessing Cyber Systems' Ability To Defend Against Known And Unknown Attack Scenarios
            
            
               Yosra Lakhdhar (University of Carthage, Tunisia)
               Slim Rekhis (University of Carthage, Tunisia)
               Noureddine Boudriga (University of Carthage, Tunisia)

            
              Abstract: Presently, attackers succeed in damaging various cyber systems whether or not cyber security solutions are deployed. This can be explained by insufficient information about the attack environment and the deployed solutions, together with the predominant reliance on pre-built cyber attack databases, which leaves the supervised system unable to defend itself against zero-day attacks. We present in this paper an enhanced cyber defense model to assess the effectiveness of the deployed security solutions in defending against potential generated attack scenarios under various contexts (the configuration of distributed security solutions, named observer agents; the type and location of reaction systems; and the type of data visible to the deployed solutions). Furthermore, we propose a model ensuring the generation of known and unknown attack scenarios starting from a formal description of system variables and their interactions. In addition, we develop the concept of observable executable scenario, which ensures the step-by-step observation of attack scenario execution, the assessment of observer agents' reactions, and the detection of attack occurrence in a distributed system. The results of simulations conducted on real case studies are presented to exemplify the proposal.
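              The following Python sketch is an added illustration of the two ideas the abstract combines, scenario generation from a formal model and context-dependent assessment of observer agents; it is not code from the paper and does not reproduce the authors' formalism. The system variables, interactions, observable data items and agent configurations are all constructed for the example. Scenarios are enumerated purely from the model (no signature database), so sequences nobody catalogued come out alongside the obvious one; each scenario is then replayed step by step against a deployment context, reporting whether and where it is detected and whether the attacker still reaches the goal.

```python
"""Toy context-based assessment: generate attack scenarios from a model of
system variables and interactions, then replay each against observer agents.
Everything below (system, observables, agents) is constructed for the example."""
from collections import deque
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple

State = FrozenSet[str]  # the set of system variables (facts) that currently hold


@dataclass(frozen=True)
class Interaction:
    """One attacker step: enabled when `pre` holds, adds `add` to the state and
    leaves the data items in `observables` for any agent able to see them."""
    name: str
    pre: FrozenSet[str]
    add: FrozenSet[str]
    observables: FrozenSet[str]


@dataclass(frozen=True)
class ObserverAgent:
    """An observer's context: what data it can see, which of that data it treats
    as an indicator, and whether it is also a reaction system that blocks the step."""
    name: str
    visible: FrozenSet[str]
    indicators: FrozenSet[str]
    reacts: bool = False

    def fires_on(self, step: Interaction) -> bool:
        return bool(step.observables & self.visible & self.indicators)


def generate_scenarios(init: State, interactions: List[Interaction],
                       goal: FrozenSet[str], max_len: int) -> List[Tuple[str, ...]]:
    """Breadth-first enumeration of every interaction sequence of length <= max_len
    that reaches a state containing `goal`. A path is a scenario because the model
    allows it, not because a database lists it."""
    found: List[Tuple[str, ...]] = []
    queue = deque([(init, ())])
    while queue:
        state, path = queue.popleft()
        if goal <= state:
            found.append(path)
            continue
        if len(path) >= max_len:
            continue
        for step in interactions:
            nxt = state | step.add
            # Prune steps that are not enabled, repeat an earlier step, or change nothing.
            if step.pre <= state and step.name not in path and nxt != state:
                queue.append((nxt, path + (step.name,)))
    return found


def replay(scenario: Tuple[str, ...], by_name: Dict[str, Interaction],
           agents: List[ObserverAgent], goal: FrozenSet[str], init: State
           ) -> Tuple[Optional[int], Optional[str], bool]:
    """Execute a scenario one step at a time. Returns (index of the first detected
    step, detecting agent, whether the goal was still reached). A reacting agent
    blocks the step it detects, so later steps never execute."""
    state = init
    detected_at, detector = None, None
    for i, name in enumerate(scenario):
        step = by_name[name]
        firing = [a for a in agents if a.fires_on(step)]
        if firing and detected_at is None:
            detected_at, detector = i, firing[0].name
        if any(a.reacts for a in firing):
            return detected_at, detector, False  # step blocked, goal unreachable
        state = state | step.add
    return detected_at, detector, goal <= state


# Constructed example system: a web host whose config file holds DB credentials.
INIT: State = frozenset({"net_access"})
GOAL = frozenset({"data_exfil"})
INTERACTIONS = [
    Interaction("exploit_web", frozenset({"net_access"}), frozenset({"web_shell"}), frozenset({"http_anomaly"})),
    Interaction("read_config", frozenset({"web_shell"}), frozenset({"db_creds"}), frozenset({"file_read"})),
    Interaction("escalate", frozenset({"web_shell"}), frozenset({"root_web"}), frozenset({"suid_exec"})),
    Interaction("dump_memory", frozenset({"root_web"}), frozenset({"db_creds"}), frozenset({"proc_mem_read"})),
    Interaction("login_db", frozenset({"db_creds"}), frozenset({"db_access"}), frozenset({"db_auth"})),
    Interaction("exfiltrate", frozenset({"db_access"}), frozenset({"data_exfil"}), frozenset({"bulk_egress"})),
]
BY_NAME = {it.name: it for it in INTERACTIONS}

# Two deployment contexts for the same system (constructed): a host agent that
# reacts to privilege escalation, optionally joined by a passive DB monitor.
EDR_ONLY = [ObserverAgent("host_edr", frozenset({"file_read", "suid_exec", "proc_mem_read"}),
                          frozenset({"suid_exec", "proc_mem_read"}), reacts=True)]
EDR_PLUS_DB = EDR_ONLY + [ObserverAgent("db_monitor", frozenset({"db_auth", "bulk_egress"}),
                                        frozenset({"bulk_egress"}), reacts=False)]


def assess(agents: List[ObserverAgent], max_len: int = 5):
    """Generate every scenario up to max_len and replay it under the given context."""
    return {s: replay(s, BY_NAME, agents, GOAL, INIT)
            for s in generate_scenarios(INIT, INTERACTIONS, GOAL, max_len)}


def undetected(agents: List[ObserverAgent], max_len: int = 5) -> List[Tuple[str, ...]]:
    """Scenarios no agent in this context observes at any step (the blind spots)."""
    return [s for s, (at, _, _) in assess(agents, max_len).items() if at is None]


if __name__ == "__main__":
    for label, ctx in (("EDR only", EDR_ONLY), ("EDR + DB monitor", EDR_PLUS_DB)):
        print(label)
        for s, (at, who, reached) in assess(ctx).items():
            print("  ", " -> ".join(s), "| detected at", at, "by", who, "| goal reached:", reached)
```

Under the EDR-only context the shortest path (exploit the web tier, read the config file, log into the database, exfiltrate) never triggers an indicator, so it completes unobserved, while every path that escalates privileges is blocked at that step. Adding the passive database monitor removes the blind spot but does not stop the attack, which is the distinction between observing and reacting that the context model is meant to expose.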
             
            
              Keywords: cyber defense, distributed agents, formal generation, model checking, security assessment, unknown attacks 
             
            Categories: C.2.0, K.6.5, L.4.0  