Bayesian Models for Node-Based Inference Techniques

Nazia Sharmin, Shanto Roy, Aron Laszka, Jaime Acosta, Christopher Kiekintveld

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

Cyber attackers often use passive reconnaissance to collect information about target networks. This technique can be used to identify systems and plan attacks, making it an increasingly challenging task for security analysts to detect. Adversaries can recover statistical information from the information collected from compromised nodes, revealing target identities such as operating systems, software and servers. A comprehensive analysis of the collected data can aid in understanding what information an adversary can deduce from this technique. With this analysis, the defender can examine the methods of inferring a target used by adversaries and model adversaries' inference techniques and belief formation. For this purpose, we propose a model-driven decision support system (DSS) based on a Bayesian belief network (BBN) to depict adversary node-based inference techniques from passively collected data and belief formation. BBN provides a compact representation of probabilistic data and allows the formalization of adversary beliefs. We demonstrate this approach with a case study based on the passively observed operating system (OS) fingerprinting data, which is evaluated utilizing p-value significance level and compared against the model generated from local networks and predictive accuracy. We also show that our methods produce models with high predictive accuracy surpassing a sequential artificial neural network (ANN).

Original language: English (US)
Title of host publication: SysCon 2023 - 17th Annual IEEE International Systems Conference, Proceedings
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781665439947
State: Published - 2023
Event: 17th Annual IEEE International Systems Conference, SysCon 2023 - Vancouver, Canada
Duration: Apr 17 2023 → Apr 20 2023

Publication series

Name: SysCon 2023 - 17th Annual IEEE International Systems Conference, Proceedings

Conference

Conference: 17th Annual IEEE International Systems Conference, SysCon 2023
Country/Territory: Canada
City: Vancouver
Period: 4/17/23 → 4/20/23

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems
  • Control and Systems Engineering
  • Safety, Risk, Reliability and Quality
  • Control and Optimization
  • Modeling and Simulation
