Menu
Data Management & Biometrics (DMB)
Data Management & Biometrics (DMB)
UTFaculteitenEEMCSDisciplines & departementenDMBAssignmentsOpen AssignmentsOpen Master Assignments[M] Comparing attack graphs with business process models for modeling attacker strategies

[M] Comparing attack graphs with business process models for modeling attacker strategies

Master Assignment

[MSc Thesis] Comparing attack graphs with business process models for modeling attacker strategies

Type: Master EE/CS/HMI etc 

Period: TBD

Student: (Unassigned)

If you are interested please contact :

Picture of dr. F.A. Bukhsh (Faiza)
dr. F.A. Bukhsh (Faiza) Assistant Professor
+31534895275
 f.a.bukhsh@utwente.nl
Building: Zilverling 4037
Personal page
Picture of dr.ir. A. Nadeem (Azqa)
dr.ir. A. Nadeem (Azqa) Assistant Professor
+31534893361
 a.nadeem@utwente.nl
Building: Zilverling 2027
Personal page
Picture of dr. M.A. Lopuhaä - Zwakenberg (Milan)
dr. M.A. Lopuhaä - Zwakenberg (Milan) Assistant Professor
+31534898491
 m.a.lopuhaa@utwente.nl
Building: Zilverling 3078
Personal page

Background:

Both attack graphs and business process models have been used in the literature to model attacker strategies. Alert-driven attack graphs are extracted from discrete markovian finite state automata that are great for modeling the semantic meaning of symbols, i.e., identical symbols that have different futures/pasts are modeled using different states. On the other hand, business process models are great for modeling concurrency, i.e., modeling simultaneous attacker actions. In this project, we aim to compare the merits of each approach in modeling attacker strategies from a dataset of intrusion alerts collected through a penetration testing competition. We also aim to combine the two approaches to get the best of both worlds, i.e., modeling concurrent attacker actions while also considering their semantic meaning.

Close
Suggestions