A heuristic-based approach to automatically extract personalized attack graph related concepts from vulnerability descriptions
dc.contributor.author | Mukherjee, Subhojeet, author | |
dc.contributor.author | Ray, Indrajit, advisor | |
dc.contributor.author | Ray, Indrakshi, committee member | |
dc.contributor.author | Byrne, Zinta, committee member | |
dc.date.accessioned | 2018-01-17T16:45:29Z | |
dc.date.available | 2018-01-17T16:45:29Z | |
dc.date.issued | 2017 | |
dc.description.abstract | Computer users are not safe, be it at home or in public places. Public networks are more often administered by trained individuals who attempt to fortify those networks using strong administrative skills, state-of-the-art security tools and meticulous vigilance. This is, however, not true for home computer users. Being largely untrained they are often the most likely targets of cyber attacks. These attacks are often executed in cleverly interleaved sequences leading to the eventual goal of the attacker. The Personalized Attack Graphs (PAG) introduced by Ubranska et al. [24, 25, 32] can leverage the interplay of system configurations, attacker and user actions to represent a cleverly interleaved sequence of attacks on a single system. An instance of the PAG can be generated manually by observing system configurations of a computer and collating them with possible security threats which can exploit existing system vulnerabilities and/or misconfigurations. However, the amount of manual labor involved in creating and periodically updating the PAG can be very high. As a result, attempt should be made to automate the process of generating the PAG. Information required to generate these graphs are available on the Internet in the form of vulnerability descriptions. This information is, however, almost always written in natural language and lacks any form of structure. In this thesis, we propose an unsupervised heuristic-based approach which parses vulnerability descriptions and extracts instances of PAG related concepts like system configurations, attacker and user actions. Extracted concepts can then be interleaved to generate the Personalized Attack Graph. | |
dc.format.medium | born digital | |
dc.format.medium | masters theses | |
dc.identifier | Mukherjee_colostate_0053N_14207.pdf | |
dc.identifier.uri | https://hdl.handle.net/10217/185622 | |
dc.language | English | |
dc.language.iso | eng | |
dc.publisher | Colorado State University. Libraries | |
dc.relation.ispartof | 2000-2019 | |
dc.rights | Copyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright. | |
dc.subject | cyber-security | |
dc.subject | graph | |
dc.subject | semantic | |
dc.subject | grammar | |
dc.subject | concept | |
dc.subject | NLP | |
dc.title | A heuristic-based approach to automatically extract personalized attack graph related concepts from vulnerability descriptions | |
dc.type | Text | |
dcterms.rights.dpla | This Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
thesis.degree.discipline | Computer Science | |
thesis.degree.grantor | Colorado State University | |
thesis.degree.level | Masters | |
thesis.degree.name | Master of Science (M.S.) |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Mukherjee_colostate_0053N_14207.pdf
- Size:
- 1.64 MB
- Format:
- Adobe Portable Document Format