Abstract

This paper presents a framework for (1) generating variants of known attacks, (2) replaying attack variants in an isolated environment, and (3) validating the detection capabilities of attack detection techniques against the variants. Our framework facilitates reproducible security experiments. We generated 648 variants of three real-world attacks (observed at the National Center for Supercomputing Applications at the University of Illinois). Our experiment showed the value of generating attack variants by quantifying the detection capabilities of three detection methods: a signature-based detection technique, an anomaly-based detection technique, and a probabilistic graphical model-based technique.

Original language: English (US)
Pages: 28-37
Number of pages: 10
State: Published - 2016
Event: Symposium and Bootcamp on the Science of Security, HotSos 2016 - Pittsburgh, United States
Duration: Apr 19 2016 → Apr 21 2016

Conference

Conference: Symposium and Bootcamp on the Science of Security, HotSos 2016
Country/Territory: United States
City: Pittsburgh
Period: 4/19/16 → 4/21/16

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'A framework for generation, replay, and analysis of real-world attack variants'. Together they form a unique fingerprint.
