Global adversarial capability modeling | IEEE Conference Publication | IEEE Xplore


Abstract:

Intro: Computer network defense has models for attacks and incidents comprised of multiple attacks after the fact. However, we lack an evidence-based model of the likelihood and intensity of attacks and incidents. Purpose: We propose a model of global capability advancement, the adversarial capability chain (ACC), to fit this need. The model enables cyber risk analysis to better understand the costs for an adversary to attack a system, which directly influences the cost to defend it. Method: The model is based on four historical studies of adversarial capabilities: capability to exploit Windows XP, to exploit the Android API, to exploit Apache, and to administer compromised industrial control systems. Result: We propose the ACC with five phases: Discovery, Validation, Escalation, Democratization, and Ubiquity. We use the four case studies as examples of how the ACC can be applied and used to predict attack likelihood and intensity.
Date of Conference: 26-29 May 2015
Date Added to IEEE Xplore: 11 June 2015
Electronic ISBN: 978-1-4799-8909-6

Conference Location: Barcelona, Spain

I. Introduction

The number of adversaries, and their skill level, attacking a network defender are key informational components to defensive planning. However, estimating the extent of adversarial capability has historically been difficult, especially in the cyber domain. This paper describes a model to better estimate and reason about global adversarial capability and the landscape of computer network attacks (CNA). The model identifies and clarifies trends in the progression of adversary capabilities and provides a clearer view of the global threat landscape.
