Topics: Vulnerability Analysis
Authors: John Kotheimer, Kyle O'Meara, Deana Shick
This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.
Authors: Deana Shick, Kyle O'Meara
As they constantly change network infrastructure, adversaries consistently use and update their tools. This report presents a way for researchers to begin threat analysis with those tools rather than with network or incident data alone.
Topics: Malware Analysis
Authors: Kyle O'Meara, Deana Shick, Jonathan Spring, Ed Stoner
In this paper, the authors describe their analysis of two case studies to outline the relationship between adversaries and network defenders.
Topics: Measurement and Analysis
Authors: Deana Shick, Angela Horneman
This report analyzes unclassified data sets in an attempt to understand APT1's middle infrastructure.
Topics: Network Situational Awareness
Authors: Deana Shick, Angela Horneman
In this presentation, the authors discuss utilizing the Internet Census 2012 data to understand how public sources tell a story about specific threat groups.