Characterizing the Behavior of Cyber Adversaries: The Means, Motive, and Opportunity of Cyberattacks
pdf
ABSTRACT:
To provide insight on system security and aid decision-makers, we propose a method to quantitatively evaluate the strength of a system’s security. Our approach is to create an executable state-based security model of the system under attack. In this paper, we focus on the development of the adversary attack behavior model, which is one part of the overall security model. We show how three key aspects of an adversary’s successful cyberattack—means, motive, and opportunity—translate into the notions of probability of success given attempt, probability of attempt, and precondition.
Tags:
Submitted by Katie Dey
on