dc.contributor.author | Chowdhury, Imtiaj Ahmed | |
dc.contributor.author | Karim, A. H. M. Rezaul | |
dc.contributor.author | Sakib, Fardin Ahsan | |
dc.date.accessioned | 2022-04-16T15:53:44Z | |
dc.date.available | 2022-04-16T15:53:44Z | |
dc.date.issued | 2021-03-30 | |
dc.identifier.uri | http://hdl.handle.net/123456789/1326 | |
dc.description | Supervised by Prof. Dr. Muhammad Mahbub Alam, Department of Computer Science and Engineering (CSE), Islamic University of Technology (IUT), Gazipur-1704, Dhaka, Bangladesh | en_US |
dc.description.abstract | Defending against targeted attacks is becoming increasingly difficult as attackers constantly evolve more complex and intricate strategies. As more entities fall victim to targeted attacks and the cost associated with such attacks skyrockets, the need for proactive defense is rising. A feature that distinguishes targeted attacks from other cyber attacks is that they are mounted in multiple steps. Attackers follow a series of steps, such as recon and infiltration, to reach their final objective. Previous research tried to predict attack steps from IDS alerts, and none of it focused specifically on targeted attacks. Our key insight is that, because targeted attackers employ stealthy and sophisticated approaches, they often bypass traditional IDS solutions, rendering attack step prediction based on IDS alerts ineffective. In this work, we propose a system that can predict future attack steps in a targeted attack from previously observed attack steps and give cyber defenders an opportunity to preemptively block an attack. To the best of our knowledge, this is the first work to predict attack steps specifically for targeted attacks. We define attack steps based on the ATT&CK framework. We leverage an encoder-decoder architecture to build the system, as it has been proven effective in Natural Language Processing (NLP) for sequence modelling. We test our system on the APTGen dataset and show that it can predict the next step to be taken by the attacker with 86.83% accuracy. We also show that our system is robust against adversarial manipulation by attackers. | en_US |
dc.language.iso | en | en_US |
dc.publisher | Department of Computer Science and Engineering (CSE), Islamic University of Technology (IUT), Board Bazar, Gazipur, Bangladesh | en_US |
dc.subject | Targeted Attack, ATT&CK Framework, Sequence to Sequence Model, Encoder-Decoder architecture | en_US |
dc.title | Attack Step Prediction of Targeted Attacks using Deep Learning | en_US |
dc.type | Thesis | en_US |