Towards Offensive Cyber Counterintelligence: Adopting a Target-Centric View on Advanced Persistent Threats
Swedish National Defence College, Department of Military Studies, Military-Technology Division. ORCID iD: 0000-0002-4376-9800
Swedish National Defence College, Department of Military Studies, Military-Technology Division.
2013 (English). In: Proceedings of the 2013 European Intelligence and Security Informatics Conference / [ed] Joel Brynielsson & Fredrik Johansson, IEEE Computer Society, 2013, 166-171 p. Conference paper (Refereed)
Abstract [en]

Although the traditional strategies for cyber defense in use today are necessary to mitigate broad ranges of common threats, they are not well-suited to protect against a persistent antagonist with access to advanced system exploitation techniques and knowledge of existing but yet undiscovered software vulnerabilities. Addressing the threat caused by such antagonists requires a fast and offensive Cyber Counterintelligence (CCI) process, and a more efficient interorganizational information exchange. This paper proposes a framework for offensive CCI based on technical tools and techniques for data mining, anomaly detection, and extensive sharing of cyber threat data. The framework is placed within the distinct context of military intelligence, in order to achieve a holistic, offensive and target-centric view of future CCI. The main contributions offered are (i) a comprehensive process that bridges the gap between the various actors involved in CCI, (ii) an applied technical architecture to support detection and identification of data leaks emanating from cyber espionage, and (iii) deduced intelligence community requirements.

Place, publisher, year, edition, pages
IEEE Computer Society, 2013. 166-171 p.
Keyword [en]
cyber, counterintelligence, espionage, anomaly detection, attribution
National Category
Information Systems, Social aspects
Research subject
Military Technology
Identifiers
URN: urn:nbn:se:fhs:diva-4118
DOI: 10.1109/EISIC.2013.37
ISBN: 978-0-7695-5062-6 (print)
OAI: oai:DiVA.org:fhs-4118
DiVA: diva2:640955
Conference
European Intelligence and Security Informatics Conference (EISIC 2013), 12-14 August 2013, Uppsala, Sweden
Available from: 2013-08-14. Created: 2013-08-14. Last updated: 2017-06-14. Bibliographically approved.

By author/editor
Sigholm, Johan; Bang, Martin