Abstract
Cyber warfare is currently an information-poor environment, where knowledge of adversary identity, goals, and resources is critical, yet difficult to come by. Reliably identifying adversaries through direct attribution of cyber activities is not currently a realistic option, but it may be possible to deduce the presence of an adversary within a collection of network observables, and build a profile consistent with those observations. In this paper, we explore the challenges of automatically generating cyber adversary profiles from network observations in the face of highly sophisticated adversaries whose goals, objectives, and perceptions may be very different from ours, and who may be utilizing deceptive activities to disguise their activities and intentions.
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Hamilton, S. (2015). Automated Adversary Profiling. In: Jajodia, S., Shakarian, P., Subrahmanian, V., Swarup, V., Wang, C. (eds) Cyber Warfare. Advances in Information Security, vol 56. Springer, Cham. https://doi.org/10.1007/978-3-319-14039-1_7
DOI: https://doi.org/10.1007/978-3-319-14039-1_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14038-4
Online ISBN: 978-3-319-14039-1
eBook Packages: Computer Science, Computer Science (R0)