Internet Archive Scholar

Global adversarial capability modeling

Jonathan Spring, Sarah Kern, Alec Summers
2015 2015 APWG Symposium on Electronic Crime Research (eCrime)  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (397.4 kB)
https://web.archive.org/web/20200709135340/https://resources.sei.cmu.edu/asset_files/ConferencePaper/2015_021_001_438874.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Intro: Computer network defense has models for attacks and incidents comprised of multiple attacks after the fact. However, we lack an evidence-based model the likelihood and intensity of attacks and incidents. Purpose: We propose a model of global capability advancement, the adversarial capability chain (ACC), to fit this need. The model enables cyber risk analysis to better understand the costs for an adversary to attack a system, which directly influences the cost to defend it. Method: The
more » ... del is based on four historical studies of adversarial capabilities: capability to exploit Windows XP, to exploit the Android API, to exploit Apache, and to administer compromised industrial control systems. Result: We propose the ACC with five phases: Discovery, Validation, Escalation, Democratization, and Ubiquity. We use the four case studies as examples as to how the ACC can be applied and used to predict attack likelihood and intensity.
doi:10.1109/ecrime.2015.7120797 dblp:conf/ecrime/SpringKS15 fatcat:zghpmhyhsveu5dnzggk66jpvde
Citation

Jonathan Spring, Sarah Kern, Alec Summers. "Global adversarial capability modeling." 2015 APWG Symposium on Electronic Crime Research (eCrime) (2015) 22-42