IEEE Access (Jan 2024)

V2TSA: Analysis of Vulnerability to Attack Techniques Using a Semantic Approach

  • Do-Yeon Kim,
  • Seong-Su Yoon,
  • Ieck-Chae Euom

DOI
https://doi.org/10.1109/ACCESS.2024.3495663
Journal volume & issue
Vol. 12
pp. 166742 – 166760

Abstract

Read online

In recent years, vulnerabilities in industrial control systems have increased substantially. The operational environment’s availability constraints hinder penetration testing from the attacker’s perspective as a viable vulnerability management method, thereby limiting the ability to map attack flows fully. To address this, research has been focused on understanding attack techniques by analyzing vulnerability descriptions that detail the attack flow of these vulnerabilities. However, existing research faces the challenge of not fully capturing the overall meaning of sentences, as it relies on word embedding-based learning for vulnerability information. This study proposes the V2TSA model, which uses a semantic approach to extract attack technique information from vulnerability descriptions. Additionally, the study seeks to identify the most efficient attack techniques by applying a threshold of at least 10% for the similarity probability between vulnerability and attack technique descriptions. Compared to expert analysis, the proposed model effectively identifies specific attack paths associated with vulnerabilities. Moreover, the vulnerability attack information can be leveraged to implement appropriate detection and mitigation strategies.

Keywords