Framing the attacker in organized cybercrime
2012 (English)In: Proceedings - 2012 European Intelligence and Security Informatics Conference, EISIC 2012, IEEE conference proceedings, 2012, 30-37 p.Conference paper (Refereed)
When large values are at stake, the attacker and the attacker's motives cannot be easily modeled, since both the organization at stake and the possible attackers are unique and have complex motives. Hence, rather than using stereotypical attacker models, recent work proposes realistic profiling of the opponent by the use of user-centered design principles in form of the persona methodology. Today, cyber crime is often organized, i.e., attacks are planned and executed by an organization that has put together a tailor made team consisting of the necessary skills for the task. The actual individuals taking part in the attack might not be aware of or interested in the overall organizational motives. Rather, taking motives behind espionage, fraud, etc., into account requires consideration of the attacking organization rather than the individuals. In this paper, based on interviews with IT security experts, we build on the attacker persona methodology and extend it with methodology to also handle organizational motives in order to tackle organized cyber crime. The resulting framework presented in the paper extends the attacker persona methodology by also using narratives in order to assess the own organization's security. These narratives give rise to intrigue sketches involving any number of attacker personas which, hence, make it possible to take organized cyber crime into account.
Place, publisher, year, edition, pages
IEEE conference proceedings, 2012. 30-37 p.
intrigue sketch, narrative, Organized cybercrime, persona
IdentifiersURN: urn:nbn:se:kth:diva-107310DOI: 10.1109/EISIC.2012.48ScopusID: 2-s2.0-84868583239OAI: oai:DiVA.org:kth-107310DiVA: diva2:576098
2012 European Intelligence and Security Informatics Conference, EISIC 2012, 22 August 2012 through 24 August 2012, Odense
QC 201212122012-12-122012-12-102014-11-06Bibliographically approved