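% Paper presented at IFIP SEC 2023; per the note field the conference ran
% 14-16 June 2023. year/month/day are presumably the publication date of the
% revised proceedings volume (copyright 2024) -- confirm against the DOI record.
% The citation key is left as exported so existing \cite commands keep resolving.
@inproceedings{c3bb41af3d16405aae8d4d76a178e098,
  title     = {Automated Enrichment of Logical Attack Graphs via Formal Ontologies},
  abstract  = {Attack graphs represent the possible actions of adversaries to attack a system. Cybersecurity experts use them to make decisions concerning remediation and recovery plans. There are different attack graph-building approaches. We focus on logical attack graphs. Networks and vulnerabilities constantly change; we propose an attack graph enrichment approach based on semantic augmentation post-processing of the logic predicates. Mapping attack graphs with alerts from a monitored system allows for confirming successful attack actions and updating according to network and vulnerability changes. The predicates get periodically updated based on attack evidence and ontology knowledge, allowing us to verify whether changes lead the attacker to the initial goals or cause further damage to the system not anticipated in the initial graphs. We illustrate our approach using a specific cyber-physical scenario affecting smart cities.},
  keywords  = {Attack Graph, Cybersecurity, Defense Graph, Ontology},
  author    = {Saint-Hilaire, K{\'e}ren and Cuppens, Fr{\'e}d{\'e}ric and Cuppens, Nora and Garcia-Alfaro, Joaquin},
  note      = {Publisher Copyright: {\textcopyright} IFIP International Federation for Information Processing 2024.; 38th IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection, SEC 2023 ; Conference date: 14-06-2023 Through 16-06-2023},
  year      = {2024},
  month     = jan,
  day       = {1},
  doi       = {10.1007/978-3-031-56326-3\_5},
  language  = {English},
  isbn      = {9783031563256},
  series    = {IFIP Advances in Information and Communication Technology},
  publisher = {Springer Science and Business Media Deutschland GmbH},
  pages     = {59--72},
  editor    = {Meyer, Norbert and Grocholewska-Czury{\l}o, Anna},
  booktitle = {{ICT} Systems Security and Privacy Protection - 38th {IFIP} {TC} 11 International Conference, {SEC} 2023, Revised Selected Papers},
}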