A human hacker may employ a strategy of attack vectors; at the planning phase, before the attack, he may plan in his mind. After planning the methods of attack, he may prioritize these shortlisted methods. You can use AHP to prioritize the attacks.
Please read this paper, available on the ACM Digital Library:
Analytic Hierarchy Process (AHP) to find Most Probable Web Attack on an E-commerce Site
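To make the AHP suggestion above concrete, here is an added example (not part of the original post and not code from the cited paper) that turns pairwise "which attack is more probable" judgments into priority weights and checks them with Saaty's consistency ratio. The attack classes, the judgment values and the function names are assumptions made for illustration.

```python
# Added illustration of AHP. The attack classes and pairwise judgments are
# constructed sample values, not data from the paper named in the post.

# Saaty's random consistency index (RI) for matrix sizes 3..9.
RANDOM_INDEX = {3: 0.58, 4: 0.90, 5: 1.12, 6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}

def build_matrix(items, judgments):
    """judgments[(a, b)] = v: a is v times more probable than b (1/9..9)."""
    idx = {name: i for i, name in enumerate(items)}
    n = len(items)
    m = [[1.0] * n for _ in range(n)]
    for (a, b), v in judgments.items():
        if not 1 / 9 <= v <= 9:
            raise ValueError(f"judgment {a!r} vs {b!r} is outside 1/9..9")
        m[idx[a]][idx[b]] = float(v)
        m[idx[b]][idx[a]] = 1.0 / v  # reciprocal entry
    return m

def ahp_priorities(m, iterations=100):
    """Return (weights, consistency_ratio) by power iteration; 3..9 items."""
    n = len(m)
    w = [1.0 / n] * n
    for _ in range(iterations):
        mw = [sum(m[i][j] * w[j] for j in range(n)) for i in range(n)]
        total = sum(mw)
        w = [x / total for x in mw]  # normalised principal eigenvector
    mw = [sum(m[i][j] * w[j] for j in range(n)) for i in range(n)]
    lambda_max = sum(mw[i] / w[i] for i in range(n)) / n
    ci = (lambda_max - n) / (n - 1)  # consistency index
    return w, ci / RANDOM_INDEX[n]

def rank(items, judgments, max_cr=0.10):
    """Rank items by weight; reject judgment sets that are too inconsistent."""
    w, cr = ahp_priorities(build_matrix(items, judgments))
    if cr > max_cr:
        raise ValueError(f"consistency ratio {cr:.2f} exceeds {max_cr}")
    return sorted(zip(items, w), key=lambda p: p[1], reverse=True), cr

# Constructed expert judgments for a hypothetical e-commerce site.
ITEMS = ["SQL injection", "Cross-site scripting", "Session hijacking", "Denial of service"]
JUDGMENTS = {
    (ITEMS[0], ITEMS[1]): 2, (ITEMS[0], ITEMS[2]): 4, (ITEMS[0], ITEMS[3]): 5,
    (ITEMS[1], ITEMS[2]): 3, (ITEMS[1], ITEMS[3]): 3, (ITEMS[2], ITEMS[3]): 2,
}

if __name__ == "__main__":
    ranking, cr = rank(ITEMS, JUDGMENTS)
    for name, weight in ranking:
        print(f"{name:22s} {weight:.3f}")
    print(f"consistency ratio = {cr:.3f}")
```

A consistency ratio above 0.10 means the pairwise judgments contradict each other too much for the ranking to be used, so `rank` rejects them instead of returning weights.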
Behavioral analysis of humans can be categorized into two groups: normal behavior and abnormal behavior. For example, the normal behavior for students when they go to class is to bring a notebook, pen, and books, while the abnormal behavior is to bring with them food, cigarettes, or animals. In your case, you have to study hackers' behavior deeply and identify the most likely set of abnormal behaviors (scenarios). This can be done using qualitative research, downloading videos from YouTube, and reviewing documents, papers and/or books related to hackers' behavior to collect as much data as you can. After that, you can use face recognition, image or video processing to train your data.
Palvi, that is a challenging area of cyber security: predicting human behavior with the objective of preventing attacks. My experience is that a combination of solutions (intelligence, physical security, personnel security, and technology) is needed, and even that combination is far from foolproof. With respect to the technological side, user activity monitoring can reduce risk somewhat by using data collection and activity analysis to identify behaviors defined as “suspicious,” for further evaluation by an intrusion detection analyst. Raytheon has a product that does that, and there are probably others.
We're working on this very issue at UCF/IST here in Orlando. The behavioral aspects of cyber (coupled with the complementary modeling of attackers) are extremely important in developing and using cyber solutions across the enterprise. Many of the legacy cyber defensive measures focus on the use of digital signatures of KNOWN attacks. Further, until recently, most of the cybersecurity measures focused on outside threats, whereas the insider threat detection and prevention issues have become much more prominent over the past 5 years or so.
There are some effective anomaly-based schema, but we need to keep pushing the envelope on developing the defensive measures that can detect zero-day attacks. Using behavioral analysis to get at these issues will definitely help build better solutions!
I think that, to study hackers' behaviors, you need to classify the behaviors based on their motives, then determine the techniques that they use based on your classification. After that, you need to schedule all of these techniques in an algorithm for better cyber security solutions.
In 2009 Jaishankar published his Space Transition Theory of Cybercrime (article: Establishing a Theory of Cyber Crimes). It is an interesting concept by which real-world behaviors/characteristics mimic digital behaviors/characteristics within cyber-crime. For example, a data thief in digital space will exhibit the same behavioral traits as a physical-world thief. This level of behavioral analysis may lead to better cyber-adversary attribution and AI/ML behavioral tracking and markers. Further, when taken in context of culture, such as a cyber-adversary from Russia/China/US, you can validate the behavioral traits with the culture of that nation-state to validate or further refine attribution.
So, what does all this mean for defining cyber-solutions? By understanding human behavior we can predict actions. Humans are patternistic creatures that will often do the same thing without thinking about it. A violent person is often consistently violent. A thief is almost always a thief. Understanding these aspects of a cyber-actor can lead to improved security operations and strategies. While these may not lead to new solutions, they can lead to improved/refined use of current solutions.