Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Using cyber defense exercises to obtain additional data for attacker profiling
RISE, Swedish ICT, SICS, Software and Systems Engineering Laboratory.ORCID iD: 0000-0003-2017-7914
2016 (English)Conference paper (Refereed)
Abstract [en]

In order to be able to successfully defend an IT system it is useful to have an accurate appreciation of the cyber threat that goes beyond stereotypes. To effectively counter potentially decisive and skilled attackers it is necessary to understand, or at least model, their behavior. Although the real motives for untraceable anonymous attackers will remain a mystery, a thorough understanding of their observable actions can still help to create well-founded attacker profiles that can be used to design effective countermeasures and in other ways enhance cyber defense efforts. In recent work empirically founded attacker profiles, so-called attacker personas, have been used to assess the overall threat situation for an organization. In this paper we elaborate on 1) the use of attacker personas as a technique for attacker profiling, 2) the design of tailor-made cyber defense exercises for the purpose of obtaining the necessary empirical data for the construction of such attacker personas, and 3) how attacker personas can be used for enhancing the situational awareness within the cyber domain. The paper concludes by discussing the possibilities and limitations of using cyber defense exercises for data gathering, and what can and cannot be studied in such exercises.

Place, publisher, year, edition, pages
2016.
National Category
Computer Science
Identifiers
URN: urn:nbn:se:ri:diva-28276DOI: 10.1109/ISI.2016.7745440OAI: oai:DiVA.org:ri-28276DiVA: diva2:1076371
Conference
2016 IEEE Conference on Intelligence and Security Informatics (IEEE ISI 2016), 28-30 Sep 2016, Tucson, Arizona, USA
Available from: 2017-02-22 Created: 2017-02-22 Last updated: 2017-04-25Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full texthttp://dx.doi.org/10.1109/ISI.2016.7745440

Search in DiVA

By author/editor
Franke, Ulrik
By organisation
Software and Systems Engineering Laboratory
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

Altmetric score

Total: 2 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.25.0