Visualization and Natural Language Representation of Simulated Cyber Attacks

Sammanfattning: The attack path is an effective tool for showing possible hacking routestaken by an attacker to target a specific computer network. It also informsadministrators about potential weakness in a network helpingthem roll-out network configuration changes. Based on predefinedcomputing methods, a large number of attack paths can be generated.However, attack paths show all possible routes for each calculationand represent them with terminologies specific to the cybersecurityfield. A major portion of attack routes and representations aretoo complicated for normal users, making it difficult to identify theparts they should pay more attention to. In this thesis project, a frameworkfor generating a concise and user-friendly attack path throughgrouping continuous attack steps is described. The framework is designedwith 6 levels of hierarchical abstraction. Top 3 levels of theseabstractions are classified based on the predefined structure of the softwareand named Structural Division. The other 3 lower levels areclassified based on semantics involving a taxonomy for natural languagerepresentation called SCV (Security Community Vocabulary),named semantics division. This visualization method is released aspart of securiCADR , a cybersecurity product released by Foreseeti,which provides a concise and understandable interaction by aggregatingoriginal attack steps according to different requirements of customers.