Title | Pattern Discovery in Intrusion Chains and Adversarial Movement |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Asadi, Nima, Rege, Aunshul, Obradovic, Zoran |
Conference Name | 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA) |
Keywords | adversarial movement, composability, Computer crime, cyber security, cybercrimes, cybersecurity, data mining, data-driven analysis, decision making, intrusion chains, intrusion stages, Metrics, organisational aspects, pattern discovery, pubcrawl, resilience, Resiliency, situational awareness, social networking (online), social networks, time series, Time series analysis |
Abstract | Capturing the patterns in adversarial movement can present crucial insight into team dynamics and organization of cybercrimes. This information can be used for additional assessment and comparison of decision-making approaches during cyberattacks. In this study, we propose a data-driven analysis based on time series analysis and social networks to identify patterns and alterations in time allocated to intrusion stages and adversarial movements. The results of this analysis on two case studies of collegiate cybersecurity exercises are provided, as well as an analytical comparison of their behavioral trends and characteristics. This paper presents preliminary insight into complexities of individual and group level adversarial movement and decision-making as cyberattacks unfold. |
DOI | 10.1109/CyberSA.2019.8899391 |
Citation Key | asadi_pattern_2019 |