search menu icon-carat-right cmu-wordmark

Global Adversarial Capability Modeling

May 2015 Conference Paper
Jonathan Spring, Sarah Kern, Alec Summers

Jonathan Spring, Sarah Kern, and Alec Summers propose a model of global capability advancement, the adversarial capability chain (ACC).

Publisher:

Software Engineering Institute

Subjects

Abstract

Computer network defense has models for attacks and incidents comprised of multiple attacks after the fact. However, we lack an evidence-based model the likelihood and intensity of attacks and incidents. We propose a model of global capability advancement, the adversarial capability chain (ACC), to fit this need.The model enables cyber risk analysis to better understand the costs for an adversary to attack a system, which directly influences the cost to defend it.  The model is based on four historical studies ofadversarial capabilities: capability to exploit Windows XP, to exploit the Android API, to exploit Apache, and to administer compromised industrial control systems.We propose the ACC with five phases: Discovery, Validation, Escalation, Democratization, and Ubiquity. We use the four case studies as examples as to how the ACC can be applied and used to predict attack likelihood and intensity.