This paper is based on a three year project during which we studied
attackers’ behavior, reading military planning literature, and thinking on how
would we do the same things they do, and what problems would we, as attackers,
face. This research is still ongoing, but while participating in applications
for other projects and talking to cyber security experts we constantly face the
same issues, namely attackers’ behavior is not well understood, and
consequently, there are a number of misconceptions floating around that are
simply not true, or are only partially true. This is actually expected as
someone who casually follows news about incidents easily gets impression that
attackers and attacks are everywhere and every one is under attack. Our goal in
this paper is to debunk these myths, to show what attackers really can and can
not, what dilemmas they face, what we don’t know about attackers and attacks,
etc. The conclusion is that, while attackers do have upper hand, they don’t
have absolute advantage, i.e. they also operate in an uncertain environment.
Knowing this, means that defenses could be well established.

Go to Source of this post
Author Of this post: <a href="">Stjepan Gro&#x161;</a>

By admin