TY - GEN
T1 - A Multi-layer Approach through Threat Modelling and Attack Simulation for Enhanced Cyber Security Assessment
AU - Iturbe, Eider
AU - Arcas, Javier
AU - Rios, Erkuden
AU - Toledo, Nerea
N1 - Publisher Copyright:
© 2024 ACM.
PY - 2024/7/30
Y1 - 2024/7/30
N2 - There is a growing concern about the dynamic landscape of cyber security threats escalating, and the need for improvement in defence capabilities against emerging sophisticated incidents. In response, this paper presents a solution called the Cyber Incident Simulation System, which enables system security engineers to simulate cyber-physical attacks and incidents without the requirement to affect or disrupt the ongoing business operation of the system. Leveraging graph-based threat modelling and AI-generated incident data, the system empowers professionals to predict the effect of the incident within the system under study. The synthetic data is used by anomaly-based Intrusion Detection Systems (IDSs) and other additional security controls to improve their detection algorithms to enhance their accuracy and effectiveness. The Cyber Incident Simulation System is designed to enhance the cyber security measures through the simulation of various incident scenarios.
AB - There is a growing concern about the dynamic landscape of cyber security threats escalating, and the need for improvement in defence capabilities against emerging sophisticated incidents. In response, this paper presents a solution called the Cyber Incident Simulation System, which enables system security engineers to simulate cyber-physical attacks and incidents without the requirement to affect or disrupt the ongoing business operation of the system. Leveraging graph-based threat modelling and AI-generated incident data, the system empowers professionals to predict the effect of the incident within the system under study. The synthetic data is used by anomaly-based Intrusion Detection Systems (IDSs) and other additional security controls to improve their detection algorithms to enhance their accuracy and effectiveness. The Cyber Incident Simulation System is designed to enhance the cyber security measures through the simulation of various incident scenarios.
KW - attack graph
KW - cyber security
KW - cyber security assessment
KW - simulation
KW - synthetic data generation
KW - threat modelling
UR - http://www.scopus.com/inward/record.url?scp=85200375955&partnerID=8YFLogxK
U2 - 10.1145/3664476.3670458
DO - 10.1145/3664476.3670458
M3 - Conference contribution
AN - SCOPUS:85200375955
T3 - ACM International Conference Proceeding Series
BT - ARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings
PB - Association for Computing Machinery
T2 - 19th International Conference on Availability, Reliability and Security, ARES 2024
Y2 - 30 July 2024 through 2 August 2024
ER -