Sharing and replaying attack scenarios with Moirai

Abstract : Datasets are necessary for evaluating and comparing security solutions. Today, the most well-known public dataset is still the oft-decried IDEVAL dataset. Even if we don't take into account all the inherent shortcomings of this dataset, the fact that it dates back to 1999 means its relevance is all but lost. Without a public dataset, new security solutions cannot be compared to existing ones. In this article, we argue for the need of a public and modern dataset for the evaluation of security solutions. Moreover, we argue that traditional datasets are too restrictive in the approaches they allow. Thus, we present Moirai. Instead of sharing datasets, Moirai shares the scenarios used to create datasets. This allows for the creation of complex scenarios which could, for example, represent an Advanced Persistent Threat (APT). By sharing the scenarios, Moirai allows solutions based on disparate ideas to be compared.
Document type :
Conference papers
Complete list of metadatas

https://hal.archives-ouvertes.fr/hal-01533275
Contributor : Guillaume Brogi <>
Submitted on : Tuesday, June 6, 2017 - 11:42:05 AM
Last modification on : Tuesday, November 12, 2019 - 4:10:18 PM
Long-term archiving on: Thursday, September 7, 2017 - 12:26:52 PM

Files

paper.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01533275, version 1

Citation

Guillaume Brogi, Valérie Viet Triem Tong. Sharing and replaying attack scenarios with Moirai. RESSI 2017: Rendez-vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information, May 2017, Autrans, France. ⟨hal-01533275⟩

Share

Metrics

Record views

1044

Files downloads

204