EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Using cyber defense exercises to obtain additional data for attacker profiling
KTH Royal Institute of Technology, Sweden.
RISE, Swedish ICT, SICS, Software and Systems Engineering Laboratory.ORCID iD: 0000-0003-2017-7914
KTH Royal Institute of Technology, Sweden.
KTH Royal Institute of Technology, Sweden.
2016 (English)In: 2016 IEEE Conference on Intelligence and Security Informatics (ISI), 2016, p. 37-42Conference paper, Published paper (Refereed)
Abstract [en]

In order to be able to successfully defend an IT system it is useful to have an accurate appreciation of the cyber threat that goes beyond stereotypes. To effectively counter potentially decisive and skilled attackers it is necessary to understand, or at least model, their behavior. Although the real motives for untraceable anonymous attackers will remain a mystery, a thorough understanding of their observable actions can still help to create well-founded attacker profiles that can be used to design effective countermeasures and in other ways enhance cyber defense efforts. In recent work empirically founded attacker profiles, so-called attacker personas, have been used to assess the overall threat situation for an organization. In this paper we elaborate on 1) the use of attacker personas as a technique for attacker profiling, 2) the design of tailor-made cyber defense exercises for the purpose of obtaining the necessary empirical data for the construction of such attacker personas, and 3) how attacker personas can be used for enhancing the situational awareness within the cyber domain. The paper concludes by discussing the possibilities and limitations of using cyber defense exercises for data gathering, and what can and cannot be studied in such exercises.
Place, publisher, year, edition, pages
2016. p. 37-42
Keywords [en]
Cyber defense exercise, behavioral modeling, attacker persona, cyber situational awareness
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:ri:diva-28276DOI: 10.1109/ISI.2016.7745440Scopus ID: 2-s2.0-85004190314ISBN: 978-1-5090-3865-7 (electronic)OAI: oai:DiVA.org:ri-28276DiVA, id: diva2:1076371
Conference
2016 IEEE Conference on Intelligence and Security Informatics (ISI 2016), September 28-30, 2016, Tucson, US
Available from: 2017-02-22 Created: 2017-02-22 Last updated: 2023-06-08Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Franke, Ulrik

Search in DiVA

By author/editor
Franke, Ulrik
By organisation
Software and Systems Engineering Laboratory
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 69 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.40.0
|
WCAG