Analysis of a Cyber Defense Exercise using Exploratory Sequential Data Analysis

Abstract

Baltic Cyber Shield 2010 (BCS), a multi-national civil-military cyber defense exercise (CDX), aimed to improve the capability of performing a CDX and investigate how IT attacks and defense of critical infrastructure can be studied. The exercise resulted in a massive dataset to be analyzed and many lessons learned in planning and executing a large-scale multi-national CDX. A reconstruction & exploration (R&E) approach was used to capture incidents such as attacks and defensive countermeasures during the exercise. This paper introduces the usage of R&E combined with exploratory sequential data analysis (ESDA) and discusses benefits and limitations of using these methods for analyzing multi-national cyber defense exercises. Using ESDA we were able to generate statistical data on attacks from BCS, such as the number of reported attacks by the attackers and the defenders on different types of services. Initial results from these explorations will be analyzed and discussed.

Document Details

Document Type: Technical Report
Publication Date: Jun 01, 2011
Accession Number: ADA547029

Entities

People

  • Dennis Andersson
  • Hannes Holm
  • Jonas Hallberg
  • Magdalena Granasen
  • Thomas Sundmark

Organizations

  • Swedish Defence Research Agency

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Command And Control
  • Computer Network Security
  • Cyber Defense Techniques
  • Cyber Warfare
  • Cyberattacks
  • Data Analysis
  • Data Sets
  • Electronic Mail
  • Human-Computer Interaction
  • Infrastructure
  • Military Operations
  • National Security
  • Networks
  • Observers
  • Security
  • Security Personnel
  • Video

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Cybersecurity.
  • Theoretical Analysis.

Technology Areas

  • Cyber