Most of the research in cyber exploitation has focused on the identification of attacks, attackers, and their devices. Many tools exist for device profiling, malware identification, user attribution, and attack analysis. However, most of the tools are intrusive, are sensitive to data obfuscation, or provide anomaly flagging and are not able to correctly classify the semantics and causes of network activities. In this paper, we review existing solutions that can identify functional and social roles of entities in cyberspace, discuss their weaknesses, and propose an approach for developing functional and social layers of cyber battle maps.
CITATIONS
Cited by 2 scholarly publications.
Network security
Analytical research
Data modeling
Expectation maximization algorithms
Image classification
Inspection
Performance modeling