
Towards in-situ Psychological Profiling of Cybercriminals Using Dynamically Generated Deception Environments (2405.11497v1)

Published 19 May 2024 in cs.CR

Abstract: Cybercrime is estimated to cost the global economy almost $10 trillion annually, and with businesses and governments reporting an ever-increasing number of successful cyber-attacks, there is a growing demand to rethink the strategy towards cyber security. The traditional, perimeter security approach to cyber defence has so far proved inadequate to combat the growing threat of cybercrime. Cyber deception offers a promising alternative by creating a dynamic defence environment. Deceptive techniques aim to mislead attackers, diverting them from critical assets whilst simultaneously gathering cyber threat intelligence on the threat actor. This article presents a proof-of-concept (POC) cyber deception system that has been developed to capture the profile of an attacker in-situ, during a simulated cyber-attack in real time. By dynamically and autonomously generating deception material based on the observed attacker behaviour and analysing how the attacker interacts with the deception material, the system outputs a prediction on the attacker's motive. The article also explores how this POC can be expanded to infer other features of the attacker's profile such as psychological characteristics.

