Title :
A Markov multi-phase transferable belief model: An application for predicting data exfiltration APTs
Author :
Ioannou, Georgios ; Louvieris, Panos ; Clewley, Natalie ; Powell, Gavin
Author_Institution :
Brunel Univ., Uxbridge, UK
Abstract :
eXfiltration Advanced Persistent Threats (XAPTs) increasingly account for incidents concerned with intelligence information gathering by malicious adversaries. This research exploits the multi-phase nature of an XAPT, mapping its phases into a cyber attack kill chain. A novel Markov Multi-Phase Transferable Belief Model (MM-TBM) is proposed and demonstrated for fusing incoming evidence from a variety of sources which takes into account conflicting information. The MM-TBM algorithm predicts a cyber attacker´s actions against a computer network and provides a visual representation of their footsteps.
Keywords :
Markov processes; computer network security; sensor fusion; MM-TBM; Markov multiphase transferable belief model; XAPTs; computer network; cyber attack kill chain; data exfiltration APT prediction; exfiltration advanced persistent threats; incoming evidence fusion; intelligence information gathering; malicious adversaries; phase mapping; visual footstep representation; Belief propagation; Computer networks; Malware; Markov processes; Prediction algorithms; Vectors; APT; Conflict Management; Cyber Security; Exfiltration; Information Fusion; TBM;
Conference_Titel :
Information Fusion (FUSION), 2013 16th International Conference on
Conference_Location :
Istanbul
Print_ISBN :
978-605-86311-1-3
