Analysing Cyberattacks Using Attack Tree and Fuzzy Rules

Nitin Naik, Paul Jenkins, Paul Grace, Dishita Naik, Shaligram Prajapat, Jingping Song, Jian Xu, Ricardo M. Czekster

Research output: Chapter in Book/Published conference output > Conference publication

Abstract

Understanding the development and execution of a cyberattack is intrinsic to its prevention and mitigation. A suitable cyberattack analysis method can be utilised in analysing cyberattacks. However, not every analysis method can be utilised for analysing every type of cyberattack, due to the specific aim, strategy, requirements and skills of an analysis method. Therefore, deciding on a simple and suitable analysis method is always a challenging task, which requires a continuous exploration of new analysis methods. This paper presents a simple and generic method for cyberattack analysis using an attack tree and fuzzy rules. The attack tree provides a graphical and granular relationship between a cyberattacker and a victim to understand the taxonomy of an attack. Subsequently, the probability and risk of each leaf node in the attack tree are calculated using the proposed formulas. Finally, fuzzy rules formalise human reasoning to manage the approximation and uncertainty of the data to determine the overall risk of attack. This method proposes a process consisting of a sequence of steps to perform a step-by-step analysis of a cyberattack and evaluate its potential risk in a simple and efficient manner, so that its prevention and mitigation can be determined beforehand. Furthermore, the paper presents a case study of an information theft attack on an organisation and its analysis using the proposed analysis method, which can be beneficial in the analysis of other similar attacks.
Original language: English
Title of host publication: Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK
Editors: Nitin Naik, Paul Jenkins, Paul Grace, Longzhi Yang, Shaligram Prajapat
Pages: 364-378
ISBN (Electronic): 9783031475085
Publication status: Published - 1 Feb 2024

Publication series

Name: Advances in Computational Intelligence Systems
Publisher: Springer
Volume: 1453
ISSN (Print): 2194-5357
ISSN (Electronic): 2194-5365

Keywords

  • cyberattack analysis
  • attack tree
  • fuzzy logic
  • fuzzy rules
  • Probability of attack
  • Risk of attack
  • Severity of attack
  • information theft attack
