Close
Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains
This paper by Eric M. Hutchins, Michael J. Clopperty, and Rohan M. Amin discusses a new form of Intelligence-Driven Computer Network Defense. The problem with most conventional network defense tools, such as anti-virus programs, is that they focus on the vulnerability component of risk and assume a successful intrusion. However, a new class of threats include “well-resourced and trained adversaries that conduct multi-year intrusion campaigns targeting highly sensitive economic, proprietary, or national security information.” Thus, defenders need to create an intelligence feedback loop to decrease an adversary’s likelihood of success with each subsequence intrusion attempt.