ADCaDeM: A Novel Method of Calculating Attack Damage Based on Differential Manifolds

Zhen Liu, Chang Zhen Hu, Chun Shan*, Zheng Yan

*此作品的通讯作者

科研成果: 期刊稿件文章同行评审

2 引用 (Scopus)

摘要

Calculating system damage caused by a cyberattack can help in understanding the impact and destructiveness of the attack to discover system security weaknesses. Thus, system damage calculations is important in the process of network offense-defense confrontation. However, there is little research on attack damage calculation. Current methods are unable to quantitatively evaluate the impact of an attack in a rational and accurate way. The lack of theoretical support and the complexity of both cyber systems and attacks bring tremendous challenges to attack damage calculations. In this paper, we propose a novel method called ADCaDeM to enable quantitative attack damage calculation based on a differential manifold. The damage is a negative utility produced by attack behaviors on an attacked object, which can be characterized and expressed by its attributes. We formally map the attack behaviors into a space constructed by the attributes of the attacked object in a mathematical way. Then, we propose an algorithm to construct these attributes as a differential manifold to represent their algebraic topological structure. According to the theory of tangent vectors and geodesics on the differential manifold, we can calculate attack behavioral utility in a physical way, such as computing the work done in physics. Regardless of the complexity of the dimensional structure of the attributes, the differential manifold structure can reasonably represent and calculate the damage caused by an attack. We simulate a data theft attack and a web penetration attack to test the performance of ADCaDeM and compare it with existing methods. Our experimental results illustrate ADCaDeM's advance in terms of rationality for calculating the damage caused by some typical cyberattacks.

源语言英语
页(从-至)4070-4084
页数15
期刊IEEE Transactions on Dependable and Secure Computing
20
5
DOI
出版状态已出版 - 1 9月 2023

指纹

探究 'ADCaDeM: A Novel Method of Calculating Attack Damage Based on Differential Manifolds' 的科研主题。它们共同构成独一无二的指纹。

引用此