Cyber Threat Analysis based on Characterizing Adversarial Behavior

The growth of information and communication technology is constantly revolutionizing various domains, e.g., energy & utility systems, healthcare, the Internet of Things, etc. This
inception of widespread cyber technology enables reliability and first operability of the system,
yet simultaneously imposes a risk of significant impact due to disruption of safe and secure operation. The attack surface is expanding, creating a cyber exposure gap, which indicates a higher
threat landscape and increased risk of compromise. This research is motivated by this increased
threat exposure, seeking an efficient modeling paradigm in order to initiate threat-informed defense. We aim to analyze multistage, multi-host attacks with diverse behavioral artifacts. First,
we describe the different levels of indicators and their effectiveness to understand the adversary
activity. Next, we integrate static network information with dynamic attack strategy by mapping
attack graphs into the attacker’s techniques and tactics. This contextual integration provides
insights into the attacker’s stealthy behavior. Following the enumeration of complexity and effort
for attack progression, we will investigate and explore recent and more updated attacker behavior
through threat report analysis.
Virtual: https://events.vtools.ieee.org/m/556253