Deana Shick
CERT
Publications by Deana Shick
-
Cyber Intelligence Tradecraft Report: The State of Cyber Intelligence Practices in the United States (Study Report and Implementation Guides)
May 21, 2019 • Collection
Jared EttingerApril GalyardtRitwik Gupta
This report details the findings of a study the SEI conducted at the request of the United States Office of the Director of National Intelligence. In the report, we present current best practices and common challenges in cyber intelligence.
view -
Towards Improving CVSS
December 04, 2018 • White Paper
Jonathan SpringEric HatlebackAllen D. Householder
This paper outlines challenges with the Common Vulnerability Scoring System (CVSS).
read -
Using Honeynets and the Diamond Model for ICS Threat Analysis
May 06, 2016 • Technical Report
John KotheimerKyle O'MearaDeana Shick
This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.
read -
A Unique Approach to Threat Analysis Mapping: A Malware-Centric Methodology
April 19, 2016 • Technical Report
Deana ShickKyle O'Meara
As they constantly change network infrastructure, adversaries consistently use and update their tools. This report presents a way for researchers to begin threat analysis with those tools rather than with network or incident data alone.
read -
Malware Capability Development Patterns Respond to Defenses: Two Case Studies
March 07, 2016 • White Paper
Kyle O'MearaDeana ShickJonathan Spring
In this paper, the authors describe their analysis of two case studies to outline the relationship between adversaries and network defenders.
read -
Investigating Advanced Persistent Threat 1 (APT1)
May 12, 2014 • Technical Report
Deana ShickAngela Horneman
This report analyzes unclassified data sets in an attempt to understand APT1's middle infrastructure.
read -
Investigating APT1
January 13, 2014 • Presentation
Deana ShickAngela Horneman
In this presentation, the authors discuss utilizing the Internet Census 2012 data to understand how public sources tell a story about specific threat groups.
read