dc.contributor | Rodríguez Marcelo, Universidad de la República (Uruguay). Facultad de Ingeniería. | |
dc.contributor | Betarte Gustavo, Universidad de la República (Uruguay). Facultad de Ingeniería | |
dc.contributor | Calegari Daniel, Universidad de la República (Uruguay). Facultad de Ingeniería. | |
dc.creator | Rodríguez, Marcelo | |
dc.creator | Betarte, Gustavo | |
dc.creator | Calegari, Daniel | |
dc.date.accessioned | 2021-09-01T12:32:53Z | |
dc.date.accessioned | 2022-10-28T20:15:30Z | |
dc.date.available | 2021-09-01T12:32:53Z | |
dc.date.available | 2022-10-28T20:15:30Z | |
dc.date.created | 2021-09-01T12:32:53Z | |
dc.date.issued | 2021 | |
dc.identifier | Rodríguez, M., Betarte, G. y Calegari, D. A Process Mining-based approach for Attacker Profiling [Preprint]. Publicado en : IEEE URUCON 2021, Montevideo, Uruguay. 24-26 November, 2021. | |
dc.identifier | https://hdl.handle.net/20.500.12008/29279 | |
dc.identifier.uri | https://repositorioslatinoamericanos.uchile.cl/handle/2250/4983269 | |
dc.description.abstract | Reacting adequately to cybersecurity attacks requires
observing the attackers’ knowledge, skills, and behaviors
to examine their influence over the system and understand
the characteristics associated with these attacks. Profiling an
attacker allows generating security countermeasures that can
be adopted even from the design of the systems. For automated
attackers, e.g. malware, it is possible to identify some structured
behavior, i.e. a process-like behavior consisting of several
(partial) ordered activities. Process Mining (PM) is a discipline
from the organizational context that focuses on analyzing the
event logs associated with executing the system’s processes to
discover many aspects of process behavior. Few proposals are
applying PM to attacker profiling. In this work, we explore the
use of PM techniques to identify the behavior of cyber attackers.
In particular, we illustrate, using an application example, how
they can be adapted to an environment dominated by automated
attackers. We discuss preliminary results and provide guidelines
for future work. | |
dc.language | en | |
dc.publisher | IEEE | |
dc.rights | Licencia Creative Commons Atribución - No Comercial - Sin Derivadas (CC - By-NC-ND 4.0) | |
dc.rights | Las obras depositadas en el Repositorio se rigen por la Ordenanza de los Derechos de la Propiedad Intelectual de la Universidad de la República.(Res. Nº 91 de C.D.C. de 8/III/1994 – D.O. 7/IV/1994) y por la Ordenanza del Repositorio Abierto de la Universidad de la República (Res. Nº 16 de C.D.C. de 07/10/2014) | |
dc.subject | Cybersecurity | |
dc.subject | Process mining | |
dc.subject | Behaviour | |
dc.subject | Malware | |
dc.title | A Process Mining-based approach for Attacker Profiling | |
dc.type | Preprint | |