Final Report and Recommendations of the North Atlantic Treaty Organization (NATO) Research Task Group IST-129 on Predictive Analysis of Adversarial Cyber Behavior
Abstract
This report summarizes the work and findings of the North Atlantic Treaty Organization (NATO) Research Task Group (RTG), Information Systems Technology (IST)-129, on Predictive Analysis of Adversarial Cyber Operations. The RTG found overall there was little in the way of direct research and solutions of predicting a cyber-adversary who launches an attack against a known vulnerability with an unknown exploit. As such, the work of IST-129 contains a body of work that provides researchers and organizations a point of departure for continuing research. Of all our many findings and recommendations, the most important is that prediction of adversarial operations in cyberspace is complex, but can be decomposed. Prediction offers great potential in many areas of cyber defense. Predicting adversarial operations will be a multimethod approach. A common taxonomy both for and about the threat, along with machine-readable language, will help. Cyber defense itself needs to be protected. Modelling of closed network systems is needed and we need data sets that are representative of reality.
Document Details
- Document Type
- Technical Report
- Publication Date
- Apr 01, 2021
- Accession Number
- AD1131819
Entities
People
- Bernt Akesson
- David Aspinall
- Dennis Mccallam
- Heiko Guenther
- Joseph Lopiccolo
- Juha-pekka Nikkarila
- Margaret Varga
- Matthew Kellet
- Peeter Lorents
- Roman Faganel
- Teodor Sommestad
- Tracy Braun
- Wim Mees
Organizations
- Defence Research and Development Canada
- Fraunhofer Institute for Communication, Information Processing and Ergonomics
- George Mason University
- Naval Postgraduate School
- Royal Military Academy
- Swedish Defence Research Agency
- United States Army Research Laboratory
- United States Naval Academy
- University of Edinburgh
- University of Oxford