Reducing the Time to Detect Cyber Attacks : Combining Attack Simulation With Detection Logic
| dc.contributor.author | Myllyla, Juuso | |
| dc.contributor.author | Costin, Andrei | |
| dc.contributor.editor | Balandin, Sergey | |
| dc.contributor.editor | Koucheryavy, Yevgeni | |
| dc.contributor.editor | Tyutina, Tatiana | |
| dc.date.accessioned | 2021-07-27T10:42:49Z | |
| dc.date.available | 2021-07-27T10:42:49Z | |
| dc.date.issued | 2021 | |
| dc.identifier.citation | Myllyla, J., & Costin, A. (2021). Reducing the Time to Detect Cyber Attacks : Combining Attack Simulation With Detection Logic. In S. Balandin, Y. Koucheryavy, & T. Tyutina (Eds.), <i>FRUCT '29 : Proceedings of the 29th Conference of Open Innovations Association FRUCT</i> (pp. 465-474). FRUCT Oy. Proceedings of Conference of Open Innovations Association FRUCT. <a href="https://fruct.org/publications/acm29/files/Myl.pdf" target="_blank">https://fruct.org/publications/acm29/files/Myl.pdf</a> | |
| dc.identifier.other | CONVID_98444450 | |
| dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/77218 | |
| dc.description.abstract | Cyber attacks have become harder to detect, causing the average detection time of a successful data breach to be over six months and typically costing the target organization nearly four million dollars. The attacks are becoming more sophisticated and targeted, leaving unprepared environments easy prey for the attackers. Organizations with working antivirus systems and firewalls may be surprised when they discover their network has been encrypted by a ransomware operator. This raises a serious question, how did the attacks go undetected? The conducted research focuses on the most common pitfalls regarding late or even non-existent detection by defining the root cause behind the failed detection. The main goal of this work is to empower defenders to set up a test environment with sufficient logging policies and simulating attacks themselves. The attack simulations will then be turned into actionable detection logic, with the help of the detection logic framework. The framework is designed to guide defenders through a quick and agile process of creating more broad detection logic with the emphasis on tactics, techniques and procedures of attacks. The results in this study approach the detection issues in a broad and general manner to help defenders understand the issue of threat detection, instead of providing readily implemented solutions. | en |
| dc.format.extent | 540 | |
| dc.format.mimetype | application/pdf | |
| dc.language.iso | eng | |
| dc.publisher | FRUCT Oy | |
| dc.relation.ispartof | FRUCT '29 : Proceedings of the 29th Conference of Open Innovations Association FRUCT | |
| dc.relation.ispartofseries | Proceedings of Conference of Open Innovations Association FRUCT | |
| dc.rights | CC BY-ND 4.0 | |
| dc.title | Reducing the Time to Detect Cyber Attacks : Combining Attack Simulation With Detection Logic | |
| dc.type | conferenceObject | |
| dc.identifier.urn | URN:NBN:fi:jyu-202107274390 | |
| dc.contributor.laitos | Informaatioteknologian tiedekunta | fi |
| dc.contributor.laitos | Faculty of Information Technology | en |
| dc.type.uri | http://purl.org/eprint/type/ConferencePaper | |
| dc.relation.isbn | 978-952-69244-5-8 | |
| dc.type.coar | http://purl.org/coar/resource_type/c_5794 | |
| dc.description.reviewstatus | peerReviewed | |
| dc.format.pagerange | 465-474 | |
| dc.relation.issn | 2305-7254 | |
| dc.type.version | publishedVersion | |
| dc.rights.copyright | © The Authors 2021 | |
| dc.rights.accesslevel | openAccess | fi |
| dc.relation.conference | Conference of Open Innovations Association | |
| dc.subject.yso | organisaatiot | |
| dc.subject.yso | kyberturvallisuus | |
| dc.subject.yso | palomuurit (tietoturva) | |
| dc.subject.yso | testaus | |
| dc.subject.yso | tietotekniikka | |
| dc.subject.yso | simulointi | |
| dc.subject.yso | verkkohyökkäykset | |
| dc.subject.yso | tietoturva | |
| dc.format.content | fulltext | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p272 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p26189 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p15779 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p8471 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p5462 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p4787 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p27466 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p5479 | |
| dc.rights.url | https://creativecommons.org/licenses/by-nd/4.0/ | |
| dc.type.okm | A4 |
Aineistoon kuuluvat tiedostot
Aineisto kuuluu seuraaviin kokoelmiin
Ellei muuten mainita, aineiston lisenssi on CC BY-ND 4.0