Modeling and reasoning about adversarial behavior for increased cyber situation awareness
Not all cyber incidents are adversarial, but the line can be difficult to draw, for example, because an adversary might want to disguise attacks as mere accidental outages.
Previous research suggests that in many circumstances decision-makers do not take adversarial behavior into account to the extent that would be prudent. How can cyber situation awareness be improved by reasoning about adversarial behavior to better identify things like diversions? The question is harder than merely distinguishing between nonadversarial and adversarial cyberthreats: the strategies available to an insider will be totally different from the strategies available to a state-sponsored cyber operation, and the utilities, that is, how different attackers value outcomes, will also be very different. The project seeks to investigate and model the complexities involved in order to come up with solutions for better cyber situation awareness in situations characterized by adversarial thinking, that is, to “reason about reasoning,” to ultimately assist in intelligence work.