Understanding Bifurcation of Slow Versus Fast Cyber-Attackers

Maarten van Wieren, Christian Doerr, Vivian Jacobs, Wolter Pieters

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

    Abstract

    Anecdotally, the distinction between fast “Smash-and-Grab” cyber-attacks on the one hand and slow attacks or “Advanced Persistent Threats” on the other hand is well known. In this article, we provide an explanation for this phenomenon as the outcome of an optimization from the perspective of the attacker. To this end, we model attacks as an interaction between an attacker and a defender and infer the two types of behavior observed based on justifiable assumptions on key variables such as detection thresholds. On the basis of our analysis, it follows that bi-modal detection capabilities are optimal.
    Original language: English
    Title of host publication: Data Privacy Management and Security Assurance
    Subtitle of host publication: 11th International Workshop, DPM 2016 and 5th International Workshop, QASA 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings
    Editors: Giovanni Livraga, Vicenç Torra, Alessandro Aldini, Fabio Martinelli, Neeraj Suri
    Place of Publication: Cham
    Publisher: Springer
    Pages: 19-33
    Number of pages: 15
    ISBN (Electronic): 978-3-319-47072-6
    ISBN (Print): 978-3-319-47071-9
    DOIs
    Publication status: Published - 2016
    Event: 5th International Workshop on Quantitative Aspects in Security Assurance, QASA 2016 - Heraklion, Greece
    Duration: 26 Sep 2016 → 27 Sep 2016
    Conference number: 5

    Publication series

    Name: Lecture notes in computer science
    Publisher: Springer
    Volume: 9963
    ISSN (Print): 0302-9743
    ISSN (Electronic): 1611-3349

    Workshop

    Workshop: 5th International Workshop on Quantitative Aspects in Security Assurance, QASA 2016
    Abbreviated title: QASA
    Country: Greece
    City: Heraklion
    Period: 26/09/16 → 27/09/16

    Keywords

    • Information security
    • Cyber-attack
    • Smash-and-grab
    • Behavioral optimization
    • EC Grant Agreement nr.: FP7/318003
    • Economic models
    • APT
    • Bifurcation
    • EC Grant Agreement nr.: FP7/2007-2013

    Cite this

    van Wieren, M., Doerr, C., Jacobs, V., & Pieters, W. (2016). Understanding Bifurcation of Slow Versus Fast Cyber-Attackers. In G. Livraga, V. Torra, A. Aldini, F. Martinelli, & N. Suri (Eds.), Data Privacy Management and Security Assurance: 11th International Workshop, DPM 2016 and 5th International Workshop, QASA 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings (pp. 19-33). (Lecture notes in computer science; Vol. 9963). Cham: Springer. https://doi.org/10.1007/978-3-319-47072-6_2