english Icono del idioma   español Icono del idioma  

Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.12008/29279 How to cite
Title: A Process Mining-based approach for Attacker Profiling
Authors: Rodríguez, Marcelo
Betarte, Gustavo
Calegari, Daniel
Type: Preprint
Keywords: Cybersecurity, Process mining, Behaviour, Malware
Issue Date: 2021
Abstract: Reacting adequately to cybersecurity attacks requires observing the attackers’ knowledge, skills, and behaviors to examine their influence over the system and understand the characteristics associated with these attacks. Profiling an attacker allows generating security countermeasures that can be adopted even from the design of the systems. For automated attackers, e.g. malware, it is possible to identify some structured behavior, i.e. a process-like behavior consisting of several (partial) ordered activities. Process Mining (PM) is a discipline from the organizational context that focuses on analyzing the event logs associated with executing the system’s processes to discover many aspects of process behavior. Few proposals are applying PM to attacker profiling. In this work, we explore the use of PM techniques to identify the behavior of cyber attackers. In particular, we illustrate, using an application example, how they can be adapted to an environment dominated by automated attackers. We discuss preliminary results and provide guidelines for future work.
Description: IEEE URUCON 2021, Montevideo, Uruguay. 24-26 November, 2021.
Citation: Rodríguez, M., Betarte, G. y Calegari, D. A Process Mining-based approach for Attacker Profiling [Preprint]. Publicado en : IEEE URUCON 2021, Montevideo, Uruguay. 24-26 November, 2021.
License: Licencia Creative Commons Atribución - No Comercial - Sin Derivadas (CC - By-NC-ND 4.0)
Appears in Collections:Reportes Técnicos - Instituto de Computación

Files in This Item:
File Description SizeFormat  
RBC21.pdfPreprint327,38 kBAdobe PDFView/Open


This item is licensed under a Creative Commons License Creative Commons