Topics: Vulnerability Analysis
This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.
While adversaries constantly change their network infrastructure, they consistently use and update their tools. This report presents a way for researchers to begin threat analysis with those tools rather than with network or incident data alone.
Topics: Malware Analysis
In this paper, the authors describe their analysis of two case studies to outline the relationship between adversaries and network defenders.
Topics: Measurement and Analysis
This report analyzes unclassified data sets in an attempt to understand APT1's middle infrastructure.