Association Analysis Of Cyber-Attack Attribution Based On Threat Intelligence

Technical advances in cyber-attack attribution continues to show incremental improvement. A growing interest in the role of the human in perception management, and decision-making suggest that other aspects of human cognition may be able to help inform attribution, and other aspects of cyber security such as defending and training. Values shape behaviors and cultural values set norms for groups of people. Therefore, they should be considered when modeling behaviors. The lack of studies in this area requires exploration and foundational work to learn the limits of this area of research. This chapter highlights some of the findings of some of the recent studies.

Download Full-text

Under false flag: using technical artifacts for cyber attack attribution

Cybersecurity ◽

10.1186/s42400-020-00048-4 ◽

2020 ◽

Vol 3 (1) ◽

Author(s):

Florian Skopik ◽

Timea Pahi

Keyword(s):

Cyber Attack ◽

Attack Attribution ◽

Technical Artifacts

Download Full-text

Attack Analysis Framework for Cyber-Attack and Defense Test Platform

Electronics ◽

10.3390/electronics9091413 ◽

2020 ◽

Vol 9 (9) ◽

pp. 1413

Author(s):

Yulu Qi ◽

Rong Jiang ◽

Yan Jia ◽

Aiping Li

Keyword(s):

Association Analysis ◽

Cyber Security ◽

Rational Expectation ◽

Automated Analysis ◽

Knowledge Graph ◽

Rule Base ◽

Time Interval ◽

Cyber Attack ◽

Analysis Framework ◽

Attack And Defense

In 2012, Google first proposed the knowledge graph and applied it in the field of intelligent searching. Subsequently, knowledge graphs have been used for in-depth association analysis in different fields. In recent years, composite attacks have been discovered through association analysis in the field of cyber security. This paper proposes an attack analysis framework for cyber-attack and defense test platforms, which stores prior knowledge in a cyber security knowledge graph and attack rule base as data that can be understood by a computer, sets the time interval of analysis on the Spark framework, and then mines attack chains from massive data with spatiotemporal constraints, so as to achieve the balance between automated analysis and real-time accurate performance. The experimental results show that the analysis accuracy depends on the completeness of the cyber security knowledge graph and the precision of the detection results from security equipment. With the rational expectation about more exposure of attacks and faster upgrade of security equipment, it is necessary and meaningful to constantly improve the cyber security knowledge graph in the attack analysis framework.

Download Full-text

Cyber + Culture

Advances in Digital Crime, Forensics, and Cyber Terrorism - Psychological and Behavioral Examinations in Cyber Security ◽

10.4018/978-1-5225-4053-3.ch004 ◽

2018 ◽

pp. 64-79

Author(s):

Char Sample ◽

Jennifer Cowley ◽

Jonathan Z. Bakdash

Keyword(s):

Cultural Values ◽

Cyber Security ◽

Human Cognition ◽

Cyber Attack ◽

Cyber Culture ◽

Perception Management ◽

Technical Advances ◽

Attack Attribution ◽

Incremental Improvement ◽

Foundational Work

Technical advances in cyber-attack attribution continues to show incremental improvement. A growing interest in the role of the human in perception management, and decision-making suggest that other aspects of human cognition may be able to help inform attribution, and other aspects of cyber security such as defending and training. Values shape behaviors and cultural values set norms for groups of people. Therefore, they should be considered when modeling behaviors. The lack of studies in this area requires exploration and foundational work to learn the limits of this area of research. This chapter highlights some of the findings of some of the recent studies.

Download Full-text