Exploratory Sequential Data Analysis of a Cyber Defence Exercise
2011 (English)In: Proceedings of the International Defense and Homeland Security Simulation Workshop (DHSS) 2011, Caltek s.r.l. , 2011, 27-32 p.Conference paper (Refereed)
Baltic Cyber Shield 2010 (BCS), a multi-national civilmilitary cyber defence exercise (CDX), aimed to improve the capability of performing a CDX and investigate how IT attacks and defence of critical infrastructure can be studied. The exercise resulted in a massive dataset to be analyzed and many lessons learned in planning and executing a large-scale multinational CDX. A reconstruction & exploration (R&E) approach was used to capture incidents such as attacks and defensive counter-measures during the exercise. This paper introduces the usage of R&E combined with exploratory sequential data analysis (ESDA) and discusses benefits and limitations of using these methods for analyzing multi-national cyber defence exercises. Using ESDA we were able to generate statistical data on attacks from BCS, such as number of reported attacks by the attackers and the defenders on different type of services. Initial results from these explorations will be analyzed and discussed.
Place, publisher, year, edition, pages
Caltek s.r.l. , 2011. 27-32 p.
cyber defence exercise, data analysis, experimentation, reconstruction and exploration
Computer and Information Science
Research subject SRA - ICT
IdentifiersURN: urn:nbn:se:kth:diva-100916ScopusID: 2-s2.0-84898778855OAI: oai:DiVA.org:kth-100916DiVA: diva2:545816
The International Defense and Homeland Security Simulation Workshop (DHSS) 2011, Rome, Italy, September 12-14, 2011.
QC 201209192012-08-212012-08-212015-04-22Bibliographically approved