In this chapter, we discuss adversarial planning in networks and propose methods for detecting it. We show that the traces attackers leave follow a logical order that can be used to recognize attackers' goals. The chapter studies three methods used by attackers to obfuscate their traces in order to make them difficult to analyze: dummy actions, decoy goals, and buffers. The chapter also presents a model for detecting cells in malicious networks. In order to detect cells, we search for coordination links between attackers and perform link analysis. The link analysis produces a coordination graph that includes all members of a cell. In addition, the chapter proposes a formal metric on coordination graphs that helps identify the roles attackers play and differentiate central from peripheral attackers. © 2009 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Braynov, S. (2009). Adversarial planning in networks. In Computational Methods for Counterterrorism (pp. 263–274). Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-01141-2_14