{"title":"Forensic Profiling of Cyber-Security Adversaries based on Incident Similarity Measures Interaction Index","authors":"V. Kebande, Nickson M. Karie, R. Wario, H. Venter","doi":"10.1109/ICONIC.2018.8601279","DOIUrl":null,"url":null,"abstract":"In today’s complex cyber space, forecasting the likelihood or probability that a Cyber Security Adversary (CSA) is likely to attack a given infrastructure, system or a networked environment requires a critical analysis of digital data that at that particular time is treated as potential evidence. Digital forensic tools have more often than not been employed in such tasks, however, this aspect has often faced a number of uncertainties. This paper addresses the lack of effective techniques of profiling CSAs in order to discover adversarial motives based on incident similarity measure metrics. The authors of this paper propose an approach that uses an Incident Similarity Measure Interaction Index (ISMII) metric, through which, for example, two independent Cyber Security Incidents (CSI) can be measured and be correlated in order to link a digital crime to the perpetrator. By realising such measures using the ISMII metric, digital forensic investigators are able to profile, predict, and correlate CSI patterns with a degree of certainty. 
The result of the study depicts a new ISMII metric that is able to compute closely matching cyber-security based incidents.","PeriodicalId":277315,"journal":{"name":"2018 International Conference on Intelligent and Innovative Computing Applications (ICONIC)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on Intelligent and Innovative Computing Applications (ICONIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICONIC.2018.8601279","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 8
Abstract
In today’s complex cyber space, forecasting the likelihood or probability that a Cyber Security Adversary (CSA) is likely to attack a given infrastructure, system or a networked environment requires a critical analysis of digital data that at that particular time is treated as potential evidence. Digital forensic tools have more often than not been employed in such tasks; however, this aspect has often faced a number of uncertainties. This paper addresses the lack of effective techniques of profiling CSAs in order to discover adversarial motives based on incident similarity measure metrics. The authors of this paper propose an approach that uses an Incident Similarity Measure Interaction Index (ISMII) metric, through which, for example, two independent Cyber Security Incidents (CSI) can be measured and correlated in order to link a digital crime to the perpetrator. By realising such measures using the ISMII metric, digital forensic investigators are able to profile, predict, and correlate CSI patterns with a degree of certainty. The result of the study depicts a new ISMII metric that is able to compute closely matching cyber-security based incidents.