Mercredi 17
Session doctorants
Maxime Puys
› 15:40 - 15:50 (10min)
Sharing and replaying attack scenarios with Moirai
Guillaume Brogi  1, 2@  , Valérie Viet Triem Tong  3  
1 : Centre d'Etude et De Recherche en Informatique du Cnam  (CEDRIC)  -  Site web
Conservatoire National des Arts et Métiers [CNAM], Conservatoire National des Arts et Métiers [CNAM] : EA4629
292 Rue St Martin FR-75141 Paris Cedex 03 -  France
2 : Akheros
Université de Bretagne Sud (UBS), Télécom Bretagne, SUPELEC, INRIA, École normale supérieure (ENS) - Cachan, Institut National des Sciences Appliquées (INSA) - Rennes, Universite de Rennes 1, CNRS : UMR6074

Datasets are necessary for evaluating and comparing security solutions. Today, the most well-known such public dataset is still the oft-decried IDEVAL dataset. Even if we don't take into account all the inherent shortcomings of this dataset, the fact it dates back to 1999 means its relevance is all but lost. Without a public dataset, new security solutions cannot be compared to existing ones. In this article, we argue for the need of a public and modern dataset for the evaluation of security solutions. Moreover, we argue that traditional datasets are too restrictive in the approaches they allow. Thus, we present Moirai. Instead of sharing datasets, Moirai shares the scenarios used to create datasets. This allows for the creation of complex scenarios which could, for example, represent an Advanced Persistent Threat (APT). By sharing the scenarios, Moirai allows solutions based on disparate ideas to be compared.

Personnes connectées : 1