Characterizing the Behavior of Cyber Adversaries: The Means, Motive, and Opportunity of Cyberattacks

pdf

ABSTRACT:

To provide insight on system security and aid decision-makers, we propose a method to quantitatively evaluate the strength of a system’s security. Our approach is to create an executable state-based security model of the system under attack. In this paper, we focus on the development of the adversary attack behavior model, which is one part of the overall security model. We show how three key aspects of an adversary’s successful cyberattack—means, motive, and opportunity—translate into the notions of probability of success given attempt, probability of attempt, and precondition.

Tags:

University of Illinois at Urbana-Champaign

Cyber Defense Agency

security quantification

state model

simulation

adversary attack behavior

Understanding the Cyber Adversary

Submitted by Katie Dey on Fri, 08/24/2012 - 07:50