Profiling cyber attacks using Case-based Reasoning

Stylianos Kapetanakis, Avgoustinos Filippoupolitis, George Loukas, Tariq Saad Al Murayziq

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Abstract

Computer security would arguably benefit from more information on the characteristics of the particular human attacker behind a security incident. Nevertheless, technical security mechanisms have always focused on the at-tack's characteristics rather than the attacker's. The latter is a challenging prob-lem, as relevant data cannot easily be found. We argue that the cyber traces left by a human attacker during an intrusion attempt can help towards building a profile of the particular person. To illustrate this concept, we have developed an approach using case-based reasoning that indirectly measures an attacker’s characteristics for given attack scenarios. Our results reveal that case-based rea-soning has the potential of being used to assist security and forensic investiga-tors in profiling human attackers.
Original languageEnglish
Title of host publication19th UK Workshop on Case-Based Reasoning
Place of PublicationCambridge
Pages39-48
Number of pages10
Publication statusPublished - 1 Jan 2014
Event19th UK Workshop on Case-Based Reasoning - Cambridge, UK, 9 Dec 2014
Duration: 1 Jan 2014 → …

Workshop

Workshop19th UK Workshop on Case-Based Reasoning
Period1/01/14 → …

Keywords

  • Case-based reasoning
  • Cyber Security
  • Intrusion Detection
  • Artificial Intelligence

Fingerprint Dive into the research topics of 'Profiling cyber attacks using Case-based Reasoning'. Together they form a unique fingerprint.

  • Cite this

    Kapetanakis, S., Filippoupolitis, A., Loukas, G., & Saad Al Murayziq, T. (2014). Profiling cyber attacks using Case-based Reasoning. In 19th UK Workshop on Case-Based Reasoning (pp. 39-48).