FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2601476956> ?p ?o ?g. }

• W2601476956 endingPage "95" @default.
• W2601476956 startingPage "67" @default.
• W2601476956 abstract "Introduction Penetration testing is regarded as the gold-standard for understanding how well an organization can withstand sophisticated cyber-attacks. In a penetration test, a “red team” is hired to expose major flaws in the firm's security infrastructure. Recently, however, the market for exploit kits has continued to evolve and what was once a rather hard-to-penetrate and exclusive market—whose buyers were primarily western governments [95], has now become more accessible to a much wider population. In particular, 2015 saw the introduction of darknet markets specializing in zero-day exploit kits—exploits designed to leverage previously undiscovered vulnerabilities. These markets, which were discussed in Chapters 3–5, make exploits widely available to potential attackers. These exploit kits are difficult and time consuming to develop—and are often sold at premium prices. The cost associated with these sophisticated kits generally precludes penetration testers from simply obtaining such exploits, meaning an alternative approach is needed to understand what exploits an attacker will most likely purchase and how to defend against them. In this chapter, we introduce a data-driven security game framework to model an attacker and a defender of a specific system, providing system-specific policy recommendations to the defender. In addition to providing a formal framework and algorithms to develop strategies, we present experimental results from applying our framework, for various system configurations, on a subset of the real-world exploit data gathered from the system presented in Chapter 4. This game theoretic framework provides another example of rich cyber threat intelligence that can be derived from the darknet exploit data. For this chapter, we surveyed 8 unique marketplaces and show some example exploit kits from the data set in Table 6.1. The widespread availability of zero-day exploits represents a potential game changer for penetration testers— specifically posing the following questions: • What exploits will an attacker likely purchase if he targets my organization? • What software used in the organization pose the biggest risk to new threats? To address these challenging questions, we extend a data-driven security game framework, initially introduced in [90]. Given a system configuration (or a distribution of system configurations within an organization) we model an attacker who, given a budget, will purchase exploits to maximize his level of access to the target system. Likewise, a defender will look to adjust system configurations in an effort to minimize the effectiveness of an attacker while ensuring that necessary software dependencies are satisfied." @default.
• W2601476956 created "2017-04-07" @default.
• W2601476956 creator A5036817746 @default.
• W2601476956 creator A5038543531 @default.
• W2601476956 creator A5053172504 @default.
• W2601476956 creator A5062272519 @default.
• W2601476956 creator A5072579371 @default.
• W2601476956 creator A5081115472 @default.
• W2601476956 creator A5084566253 @default.
• W2601476956 date "2017-03-29" @default.
• W2601476956 modified "2023-09-24" @default.
• W2601476956 title "Using Game Theory for Threat Intelligence" @default.
• W2601476956 doi "https://doi.org/10.1017/9781316888513.008" @default.
• W2601476956 hasPublicationYear "2017" @default.
• W2601476956 type Work @default.
• W2601476956 sameAs 2601476956 @default.
• W2601476956 citedByCount "0" @default.
• W2601476956 crossrefType "book-chapter" @default.
• W2601476956 hasAuthorship W2601476956A5036817746 @default.
• W2601476956 hasAuthorship W2601476956A5038543531 @default.
• W2601476956 hasAuthorship W2601476956A5053172504 @default.
• W2601476956 hasAuthorship W2601476956A5062272519 @default.
• W2601476956 hasAuthorship W2601476956A5072579371 @default.
• W2601476956 hasAuthorship W2601476956A5081115472 @default.
• W2601476956 hasAuthorship W2601476956A5084566253 @default.
• W2601476956 hasConcept C153083717 @default.
• W2601476956 hasConcept C154945302 @default.
• W2601476956 hasConcept C165696696 @default.
• W2601476956 hasConcept C38652104 @default.
• W2601476956 hasConcept C41008148 @default.
• W2601476956 hasConceptScore W2601476956C153083717 @default.
• W2601476956 hasConceptScore W2601476956C154945302 @default.
• W2601476956 hasConceptScore W2601476956C165696696 @default.
• W2601476956 hasConceptScore W2601476956C38652104 @default.
• W2601476956 hasConceptScore W2601476956C41008148 @default.
• W2601476956 hasLocation W26014769561 @default.
• W2601476956 hasOpenAccess W2601476956 @default.
• W2601476956 hasPrimaryLocation W26014769561 @default.
• W2601476956 hasRelatedWork W165977945 @default.
• W2601476956 hasRelatedWork W1967920953 @default.
• W2601476956 hasRelatedWork W2193424120 @default.
• W2601476956 hasRelatedWork W2231800484 @default.
• W2601476956 hasRelatedWork W24981103 @default.
• W2601476956 hasRelatedWork W2553533857 @default.
• W2601476956 hasRelatedWork W2588307474 @default.
• W2601476956 hasRelatedWork W2768981064 @default.
• W2601476956 hasRelatedWork W2844694585 @default.
• W2601476956 hasRelatedWork W2890598156 @default.
• W2601476956 hasRelatedWork W2942152587 @default.
• W2601476956 hasRelatedWork W2960091592 @default.
• W2601476956 hasRelatedWork W2963556419 @default.
• W2601476956 hasRelatedWork W2991068773 @default.
• W2601476956 hasRelatedWork W3041797820 @default.
• W2601476956 hasRelatedWork W3120580272 @default.
• W2601476956 hasRelatedWork W3122267592 @default.
• W2601476956 hasRelatedWork W50167952 @default.
• W2601476956 hasRelatedWork W570189632 @default.
• W2601476956 hasRelatedWork W2189385574 @default.
• W2601476956 isParatext "false" @default.
• W2601476956 isRetracted "false" @default.
• W2601476956 magId "2601476956" @default.
• W2601476956 workType "book-chapter" @default.