Affiliation:
1. Department of Artificial Intelligence, Ajou University, Suwon 16499, Republic of Korea
2. Department of Software and Computer Engineering, Ajou University, Suwon 16499, Republic of Korea
Abstract
As the world becomes digitized and connected, cyberattacks and security issues have been steadily increasing. In particular, advanced persistent threats (APTs) are actors who perform various complex attacks over the long term to achieve their purpose. These attacks involve more planning and intelligence than typical cyberattacks. Many studies have investigated APT detection and defense methods; however, studies on security requirements that focus on non-technical factors and prevention are relatively few. Therefore, this study aims to provide users with attack information obtained by analyzing attack scenarios, together with security requirements, to help them understand the attacks and make decisions. To this end, we propose a method for extracting attack elements by providing users with templates for attack scenarios with different levels of abstraction. In addition, we use a problem domain ontology that is based on the concept of a case to provide users with attack analysis results and recommended security requirements. Our method uses case-based reasoning to retrieve similar cases, recommend reusable security requirements, and propose revision directions. The ontology can be improved by adding the solution to the problem as a new case. We conducted case studies and surveys to evaluate our methods and showed that they help specify security requirements.
Funder
Basic Science Research Program through the National Research Foundation of Korea
BK21 FOUR program of the National Research Foundation of Korea
Subject
Fluid Flow and Transfer Processes, Computer Science Applications, Process Chemistry and Technology, General Engineering, Instrumentation, General Materials Science