WEKO3
アイテム
The Attacker Might Also Do Next: ATT&CK Behavior Forecasting by Attacker-based Collaborative Filtering and Graph Databases
https://ipsj.ixsq.nii.ac.jp/records/231548
https://ipsj.ixsq.nii.ac.jp/records/2315481102c57c-56a2-46a6-9095-e15de6f73985
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6412006.pdf (1.4 MB)
2025年12月15日からダウンロード可能です。
|
Copyright (c) 2023 by the Information Processing Society of Japan
|
|
| 非会員:¥0, IPSJ:学会員:¥0, 論文誌:会員:¥0, DLIB:会員:¥0 | ||
| Item type | Journal(1) | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2023-12-15 | |||||||||||||
| タイトル | ||||||||||||||
| タイトル | The Attacker Might Also Do Next: ATT&CK Behavior Forecasting by Attacker-based Collaborative Filtering and Graph Databases | |||||||||||||
| タイトル | ||||||||||||||
| 言語 | en | |||||||||||||
| タイトル | The Attacker Might Also Do Next: ATT&CK Behavior Forecasting by Attacker-based Collaborative Filtering and Graph Databases | |||||||||||||
| 言語 | ||||||||||||||
| 言語 | eng | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | [特集:次世代デジタルプラットフォームにおける情報流通を支えるセキュリティとトラスト] MITRE ATT&CK, Collaborative Filtering, Attack Prediction, Graph Database | |||||||||||||
| 資源タイプ | ||||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||||
| 資源タイプ | journal article | |||||||||||||
| 著者所属 | ||||||||||||||
| Toyo University | ||||||||||||||
| 著者所属 | ||||||||||||||
| Toyo University | ||||||||||||||
| 著者所属 | ||||||||||||||
| Toyo University/The University of Tokyo | ||||||||||||||
| 著者所属 | ||||||||||||||
| Toyo University | ||||||||||||||
| 著者所属(英) | ||||||||||||||
| en | ||||||||||||||
| Toyo University | ||||||||||||||
| 著者所属(英) | ||||||||||||||
| en | ||||||||||||||
| Toyo University | ||||||||||||||
| 著者所属(英) | ||||||||||||||
| en | ||||||||||||||
| Toyo University / The University of Tokyo | ||||||||||||||
| 著者所属(英) | ||||||||||||||
| en | ||||||||||||||
| Toyo University | ||||||||||||||
| 著者名 |
Masaki, Kuwano
× Masaki, Kuwano
× Momoka, Okuma
× Satoshi, Okada
× Takuho, Mitsunaga
|
|||||||||||||
| 著者名(英) |
Masaki, Kuwano
× Masaki, Kuwano
× Momoka, Okuma
× Satoshi, Okada
× Takuho, Mitsunaga
|
|||||||||||||
| 論文抄録 | ||||||||||||||
| 内容記述タイプ | Other | |||||||||||||
| 内容記述 | Cyber attacks are causing tremendous damage around the world. To protect against attacks, many organizations have established or outsourced Security Operation Centers (SOCs) to check a large number of logs daily. Since there is no perfect countermeasure against cyber attacks, it is necessary to detect signs of intrusion quickly to mitigate damage caused by them. However, it is challenging to analyze a lot of logs obtained from PCs and servers inside an organization. Therefore, there is a need for a method of efficiently analyzing logs. In this paper, we propose a recommendation system using the ATT&CK technique, which predicts and visualizes attackers' behaviors using collaborative filtering so that security analysts can analyze logs efficiently. We evaluated the proposed method using real-world cyber-attack cases and found that it is able to make predictions with higher recall than our previously proposed method. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.31(2023) (online) DOI http://dx.doi.org/10.2197/ipsjjip.31.802 ------------------------------ |
|||||||||||||
| 論文抄録(英) | ||||||||||||||
| 内容記述タイプ | Other | |||||||||||||
| 内容記述 | Cyber attacks are causing tremendous damage around the world. To protect against attacks, many organizations have established or outsourced Security Operation Centers (SOCs) to check a large number of logs daily. Since there is no perfect countermeasure against cyber attacks, it is necessary to detect signs of intrusion quickly to mitigate damage caused by them. However, it is challenging to analyze a lot of logs obtained from PCs and servers inside an organization. Therefore, there is a need for a method of efficiently analyzing logs. In this paper, we propose a recommendation system using the ATT&CK technique, which predicts and visualizes attackers' behaviors using collaborative filtering so that security analysts can analyze logs efficiently. We evaluated the proposed method using real-world cyber-attack cases and found that it is able to make predictions with higher recall than our previously proposed method. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.31(2023) (online) DOI http://dx.doi.org/10.2197/ipsjjip.31.802 ------------------------------ |
|||||||||||||
| 書誌レコードID | ||||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||||
| 収録物識別子 | AN00116647 | |||||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 64, 号 12, 発行日 2023-12-15 |
|||||||||||||
| ISSN | ||||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||||
| 公開者 | ||||||||||||||
| 言語 | ja | |||||||||||||
| 出版者 | 情報処理学会 | |||||||||||||
