Predicting consequences through cyberattack descriptions

Date

2022-08

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Threat modeling is a process by which the security designers and re- searchers analyze the security of a system against known threats and vulnerabilities. There is a myriad of threat intelligence and vulnerability databases that security experts use day-to-day to make important decisions. Security experts and incident responders require the right set of skills and tools to recognize attack consequences and convey them to various stakeholders. To the best of our knowledge, the literature lacks a threat modeling technique, which is user-centric and perceives the security features and dimensions from the user’s perspective. For example, the taxonomies may describe what asset the attacker may target and the various methods or vulnerabilities that can be exploited but not how the attack will impact the user. Moreover, the consequences of attacks are often too technical for non-technical users with little-to-no-background in cybersecurity. To this end, we introduce a user-centric threat model called UC-STRIDE, which extends Microsoft’s STRIDE model, to incorporate the consequences of the cyberattacks from both technical and non-technical perspectives. We introduce a repository called CogSec, which consists of cyberattack descriptions annotated with their immediate technical and non-technical consequences. Furthermore, this dissertation focuses on using natural language processing (NLP) and machine learning techniques to analyze cyberattack text descriptions and predict its consequences. This can be useful to quickly analyze new attacks discovered in the wild and help security practitioners take requisite action and also convey the consequences to stakeholders in a simple way as they may not have adequate background in cybersecurity. Research has shown that users become sensitized to repeated text warnings and alerts and thus can lead users to be more susceptible to cyberattacks. This dissertation explores whether the consequences of cyber threats can be conveyed to the users’ using non-speech natural sounds known as sonifications similar to text warnings."


Embargo status: Restricted until 09/2172. To request the author grant access, click on the PDF link to the left.

Description

Keywords

NLP, Deep Learning, Consequences

Citation