Linkography abstraction refinement and cyber security
Foulk, James W.; Mcbride, Marci; Jarocki, John
Attacks authored by state-sponsored actors, criminal outfits, ideological enclaves and recreational hackers continue to trouble public and private cyber systems. To create and/or maintain an advantage over their adversaries, cyber defenders must pursue novel ways to detect, attribute and respond to offensive operations. Linkography is a topic that has been explored for decades and has found recent application to cyber security. Given the huge amounts of data available for cyber security applications of linkography, we favor semi-automated techniques to exploit this concept. In this paper, we propose a human-supervised algorithm that will refine the abstractions used for this bulk approach to linkography. We found this algorithm resulted in automatically generated linkographs with higher accuracies than those derived from static abstractions. These findings suggest that linkography in general and abstraction refinement in particular are viable tools for cyber security practitioners.