Cyber Reactive Adversary Framework for Training

Sean Guarino1, William Norsworthy1, David Kelle1, John Steigerwald1, Timothy Ho1, Dorsey Wilkin2 Interservice/Industry Training, Simulation, and Education Conference (I/ITSEC), Orlando, Florida (29 November 2023) Networks have become a critical background for military operations as adversaries and hackers become increasingly prolific and proficient at cyber warfare. Despite this, cyber training has remained focused on large-scale exercise […]

Cyberattack Grammars for Risk/Cost Analysis

Patten, T., Mitchell, D., and Call, C. ICCWS 2020 : 15th International Conference on Cyber Warfare and Security, Norfolk, VA (March 2020). In practice, mitigating cyber risk involves economic analysis—it is not realistic to eliminate all risk, so the goal is to find the most cost-effective mitigations for the most significant risks. This economic analysis, […]

Cognitive Task Analysis Methods in Envisioned Tactical Command Decision Making

McGeorge, N., Kane, S., and Muller, C. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, Volume 63, Issue 1, Pages 262-266 (November 2019) The battlespace is a volatile and complex environment in which tactical commanders face cognitively challenging responsibilities, compounded with the increased complexity of emerging cyber warfare. It is critical that tactical commanders gain adequate situation […]

Understanding Cyberattack Behaviors with Sentiment Information on Social Media

Shu, K.2, Sliva, A.1, Sampson, J.2, and Liu, H.2 Presented at the 2018 International Conference on Social Computing, Behavioral-Cultural Modeling, & Prediction and Behavior Representation in Modeling and Simulation (SBP-BRiMS), Washington DC, USA (July 2018) In today’s increasingly connected world, cyberattacks have become a serious threat with detrimental effects on individuals, businesses, and broader society. Truly mitigating […]

Leveraging Systemic Functional Grammars for Script Analysis and Understanding Human Behavior

Sliva, A., Call, C., and Patten, T. Presented at the 45th International Systemic Functional Congress (ISFC 2018), Boston, MA (July 2018). In sociolinguistics, it is desirable to understand not only social-functional aspects of language, but also the broader social and behavioral landscape. In psychology, script theory posits that human behavior follows discernable patterns, or “scripts,” […]

Designing a Pragmatic Graphical Grammar

Eusebi, L., and Guarino, S. Presented at the 2017 IEEE Conference on Cognitive and Computational Aspects of Situation Management (CogSIMA), Savannah, GA (March 2017) Modern adversaries have become more proficient in conducting cyberattacks against our military’s command and control (C2) infrastructure. To maintain security against these threats, operators perform a range of high-fidelity security assessments of […]

Predicting Signatures of Future Malware Variants

Howard, M., Pfeffer, A., Dalal, M., and Reposa, M. The 12th International Conference on Malicious and Unwanted Software (MALWARE 2017) One of the challenges of malware defense is that the attacker has the advantage over the defender. In many cases, an attack is successful and causes damage before the defender can even begin to prepare […]

Probabilistic Modeling of Insider Threat Detection Systems

Ruttenberg, B.1, Blumstein, D.1, Druce, J.1, Howard, M.1, Reed, F.1, Wilfong, L.2, Lister, C.2, Gaskin, S.3, Foley, M.4, and Scofield, D.4 Presented at The Fourth International Workshop on Graphical Models for Security (GraMSec 2017), Santa Barbara, CA (August 2017) Due to the high consequences of poorly performing automated insider threat detection systems (ITDSs), it is advantageous […]

Hybrid Modeling of Cyber Adversary Behavior

Sliva, A., Guarino, S., Weyhrauch, P., Galvin, P., Mitchell, D., Campolongo, J., and Taylor, T. Presented at the International Conference on Social Computing, Behavioral Modeling, and Prediction, Washington, DC (July 2017). Cyber adversaries continue to become more proficient and sophisticated, increasing the vulnerability of the network systems that pervade all aspects of our lives. While there are […]

CAML: Machine Learning-based Predictable, System-Level Anomaly Detection

Song1, J., Fry2, G., Wu2, C., and Parmer1, G. 1st Workshop on Security and Dependability of Critical Embedded Real-Time Systems, in conjunction with IEEE Real-Time Systems Symposium, Porto, Portugal (November 2016). Security challenges are increasing in distributed cyber-physical systems (CPSs), which integrate computation and physical processes. System security is complicated by both the temporal and safety […]

Hierarchical Management of Large-Scale Malware Data

Kellogg, L., Ruttenberg, B., O’Connor, A., Howard, M., and Pfeffer, A. Presented at the IEEE International Conference on Big Data 2014 (IEEE BigData 2014), Washington, DC (October 2014) As the pace of generation of new malware accelerates, clustering and classifying newly discovered malware requires new approaches to data management. We describe our Big Data approach to managing malware […]

Identifying Shared Software Components to Support Malware Forensics

Ruttenberg, B.1, Miles, C.2, Kellogg, L.2, Notani, V.2, Howard, M.1, Ledoux, C.2, Lakhotia, A.2, and Pfeffer, A.1 Presented at the 11th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Egham, England (July 2014) Recent reports from the anti-malware industry indicate similarity between malware code resulting from code reuse can aid in developing a […]