Summary:
In the face of an evolving and increasingly complex threat landscape, organizations must adopt proactive approaches to assess and improve the resilience of their IT infrastructures against potential adversaries. Attack graphs are an effective tool to illustrate adversarial actions, but they often fail to capture the decision-making process of the adversaries. To address this limitation, we map MITRE techniques to the attack steps in the attack graph, and weight attempt probabilities at decision points according to the threat profile of the attacker. Considering a realistic, large IT infrastructure, we analyze how variations in attacker decision-making impact success rates, path diversity, the most frequent paths, and applied techniques. Our findings show that integrating attacker profiles into threat modeling can support accurate identification of the threat landscape and the optimization of defense strategies.
Author(s):
Muhammad Zeshan Naseer
KTH Royal Institute of Technology
Sweden
Muhammad Zeshan Naseer is a PhD student in the Department of Network and Systems Engineering at KTH Royal Institute of Technology, Sweden. He completed the Master of Science in Electrical Engineering at KTH Royal Institute of Technology, Sweden in 2016, and the Bachelor's in Telecommunications Engineering at the National University of Computer & Emerging Sciences (FAST-NU), Islamabad, Pakistan in 2010. His research interests include network security and vulnerability assessment.
Viktoria Fodor
KTH Royal Institute of Technology
Sweden
Viktoria Fodor has been Professor of Communication Networks at KTH Royal Institute of Technology, Sweden, since 2016. She received the M.Sc. and Ph.D. degrees from the Budapest University of Technology and Economics, Budapest, Hungary, in 1992 and 1999, respectively, both in computer engineering. Her research interests include the modeling of networks and distributed systems. She is an associate editor of the IEEE Transactions of Network and Service Management.
Mathias Ekstedt
KTH Royal Institute of Technology
Sweden
Mathias Ekstedt has been Professor at the division of Network and Systems Engineering at KTH Royal Institute of Technology, Sweden, since 2015. He received his MSc in 1999, PhD in 2004, and Docent in 2010, all from KTH. Much of his research interest revolves around developing formalisms for cyber threat modeling and attack simulations. He is also the co-founder of, and responsible for, the cybersecurity Master program at KTH.