Research on the Impact of Attacks on Security Characteristics

Confidentiality, integrity and availability, the essential security characteristics, are receiving increasing attention. By analyzing the relationship between network attacks and security characteristics, we can deepen our understanding of network security. This paper proposes a method that, for the first time, uses machine learning to evaluate the impact of attacks on the security characteristics. The evaluation method is a step towards objective assessment. It is based on an intrusion detection system data set and includes data set processing, extraction of critical features, evaluation value design, and other processes. The method can evaluate the impact of each attack record in the data set on the security characteristics. The evaluation result enriches the content of the data set and can be used as a data label and as one aspect of network security analysis. Experiments prove the rationality of this evaluation method.
