Global adversarial capability modeling
Title | Global adversarial capability modeling |
Publication Type | Conference Paper |
Year of Publication | 2015 |
Authors | Spring, J., Kern, S., Summers, A. |
Conference Name | 2015 APWG Symposium on Electronic Crime Research (eCrime) |
Date Published | May 2015 |
Publisher | IEEE |
ISBN Number | 978-1-4799-8909-6 |
Keywords | Analytical models, Androids, Biological system modeling, CND, Computational modeling, computer network defense, cybersecurity, Humanoid robots, Incident Response, Integrated circuit modeling, intelligence, Intrusion detection, Modeling, pubcrawl170109, security, Software systems |
Abstract | Intro: Computer network defense has models for attacks and incidents comprised of multiple attacks after the fact. However, we lack an evidence-based model of the likelihood and intensity of attacks and incidents. Purpose: We propose a model of global capability advancement, the adversarial capability chain (ACC), to fit this need. The model enables cyber risk analysis to better understand the costs for an adversary to attack a system, which directly influences the cost to defend it. Method: The model is based on four historical studies of adversarial capabilities: capability to exploit Windows XP, to exploit the Android API, to exploit Apache, and to administer compromised industrial control systems. Result: We propose the ACC with five phases: Discovery, Validation, Escalation, Democratization, and Ubiquity. We use the four case studies as examples as to how the ACC can be applied and used to predict attack likelihood and intensity. |
URL | https://ieeexplore.ieee.org/document/7120797 |
DOI | 10.1109/ECRIME.2015.7120797 |
Citation Key | spring_global_2015 |