Hybrid Modeling of Cyber Adversary Behavior

  • Conference paper
Social, Cultural, and Behavioral Modeling (SBP-BRiMS 2017)

Abstract

Cyber adversaries continue to become more proficient and sophisticated, increasing the vulnerability of the network systems that pervade all aspects of our lives. While there are many approaches to modeling network behavior and identifying anomalous and potentially malicious traffic, most of these approaches detect attacks once they have already occurred, enabling reaction only after the damage has been done. In traditional security studies, mitigating attacks has been a focus of many research and planning efforts, leading to a rich field of adversarial modeling to represent and predict what an adversary might do. In this paper, we present an analogous approach to modeling cyber adversaries to gain a deeper understanding of the behavioral dynamics underlying cyber attacks and enable predictive analytics and proactive defensive planning. We present a hybrid modeling approach that combines aspects of cognitive modeling, decision theory, and reactive planning to capture different facets of adversary decision making and behavior.

Acknowledgements

This material is based upon work supported by the Communications-Electronics, Research, Development and Engineering Center (CERDEC) under Contract No. W56KGU-15-C-0053 and the Office of the Director of National Intelligence (ODNI) and the Intelligence Advanced Research Projects Activity (IARPA) via the Air Force Research Laboratory (AFRL) contract number FA8750-16-C-0108. The US Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright annotation thereon.

Disclaimer: The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of CERDEC, ODNI, IARPA, AFRL, or the US Government.

Author information

Corresponding author

Correspondence to Amy Sliva.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Sliva, A. et al. (2017). Hybrid Modeling of Cyber Adversary Behavior. In: Lee, D., Lin, YR., Osgood, N., Thomson, R. (eds) Social, Cultural, and Behavioral Modeling. SBP-BRiMS 2017. Lecture Notes in Computer Science, vol 10354. Springer, Cham. https://doi.org/10.1007/978-3-319-60240-0_17

  • DOI: https://doi.org/10.1007/978-3-319-60240-0_17

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-60239-4

  • Online ISBN: 978-3-319-60240-0

  • eBook Packages: Computer Science (R0)
