Most of the research in cyber exploitation has focused on the identification of attacks, attackers, and their devices. Many tools exist for device profiling, malware identification, user attribution, and attack analysis. However, most of the tools are intrusive, sensitive to data obfuscation, or provide anomaly flagging and not able to correctly classify the semantics and causes of network activities. In this paper, we review existing solutions that can identify functional and social roles of entities in cyberspace, discuss their weaknesses, and propose an approach for developing functional and social layers of cyber battle maps.
You have requested a machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Neither SPIE nor the owners and publishers of the content make, and they explicitly disclaim, any express or implied representations or warranties of any kind, including, without limitation, representations and warranties as to the functionality of the translation feature or the accuracy or completeness of the translations.
Translations are not retained in our system. Your use of this feature and the translations is subject to all use restrictions contained in the Terms and Conditions of Use of the SPIE website.