all InfoSec news
URSID: Using formalism to Refine attack Scenarios for vulnerable Infrastructure Deployment. (arXiv:2303.17373v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
In this paper we propose a novel way of deploying vulnerable architectures
for defense and research purposes, which aims to generate deception platforms
based on the formal description of a scenario. An attack scenario is described
by an attack graph in which transitions are labeled by ATT&CK techniques or
procedures. The state of the attacker is modeled as a set of secrets he
acquires and a set of nodes he controls. Descriptions of a single scenario on a
technical level …
amp att attack controls deception defense deployment descriptions infrastructure nodes novel platforms procedures refine research scenario secrets single state technical techniques transitions vulnerable vulnerable infrastructure