Cyberattack Detection & Mitigation: A Goal-Oriented and Pattern-Based Approach


Title: Cyberattack Detection & Mitigation: A Goal-Oriented and Pattern-Based Approach
Author(s): Moon, Sangwoo
Advisor: Chung, Lawrence
Date Created: 2017-05
Format: Thesis
Keywords: Cyberterrorism; Computer security; Computer networks—Security measures; Computer networks—Monitoring
Abstract: Concerns for computer-related security seem real and are becoming increasingly important just about everywhere. In particular, cyberattack — not necessarily attack through a physical means — has been drawing serious attention from the media, government, academia, etc. However, detecting some suspicious behavior of computer-related systems as a phenomenon of a cyberattack has been challenging. Detection helps but should be followed by some actions towards rectifying any undesirable behavior. A complete set of actions that can absolutely eliminate all the undesirable behaviors seems extremely difficult, if not impossible. In this thesis, we propose a goal-oriented and pattern-based approach to detecting and mitigating cyberattacks. Using a pattern-based approach, knowledge and experience about similar cyberattacks are categorized into different classes of patterns, which essentially consist of a set of conditions for determining if a suspicious incident belongs to a particular cyberattack pattern class and a set of actions for mitigating the cyberattack incident. Using a goal-oriented approach, together with case-based reasoning, options are explored for detecting and mitigating cyberattacks, tradeoffs among the options are analyzed, and selections are made. In this thesis, one application is studied for illustrating, as well as for demonstrating the potential benefits of, our approach. The application has to do with cyberattacks from North Korea to South Korea. We feel our studies show the potential benefits of our approach — for more precisely characterizing a cyberattack (finer-grained) and taking more surgical mitigating actions.
Degree Name: MSCS
Degree Level: Masters
Persistent Link: http://hdl.handle.net/10735.1/5468
Type: text
Degree Program: Computer Science

Files in this item: MOON-THESIS-2017.pdf (2.855Mb, PDF)
