Toggle Main Menu Toggle Search

Open Access padlockePrints

Detection of attack strategies

Lookup NU author(s): Suliman Alsuhibany, Dr Charles Morisset, Professor Aad van Moorsel


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


An intrusion and attack detection system usually focuses on classifying a record as either normal or abnormal. In some cases such as insider attacks, attackers rely on feedback from the attacked system, which enables them to gradually manipulate their attempts in order to avoid detection. This paper proposes the notion of accumulative manipulation that can be observed through a number of attempts accomplished by the attacker, which forms the basis of the Attacker Learning Curve (ALC). Based on a controlled experiment, we first show that the ALC for three different attack strategies are consistent between two different groups of subjects. We then define a strategy detection mechanism, which is experimentally shown to be accurate more than 70% of the time. © 2013 IEEE.

Publication metadata

Author(s): Alsuhibany SA, Morisset C, Van Moorsel A

Publication type: Conference Proceedings (inc. Abstract)

Publication status: Published

Conference Name: 2013 International Conference on Risks and Security of Internet and Systems, CRiSIS 2013

Year of Conference: 2013

Online publication date: 13/03/2014

Publisher: IEEE Computer Society


DOI: 10.1109/CRiSIS.2013.6766353