1. Field of the Invention
The present invention relates to cyber attacks and, more specifically, to cyber attack identification and to the profiling of cyber-attackers or adversaries.
2. Background of the Related Art
Cyber-attacks are one of the most challenging threats to the success of modern businesses, government institutions and private citizens. The high volume of cyber-attacks experienced by most entities that use information technology results in unique challenges when trying to more fully understand the nature of the cyber-attacks, quickly identify attacks of specific concern, and develop effective counter-measures for the broad range of cyber-attack methods that are at the disposal of the cyber adversary.
While history has shown that video surveillance footage, fingerprints, ballistic forensics, DNA and other investigative methods are an effective means for identifying those responsible for events in the physical world, the cyber domain is without an effective means of identifying, or developing leads with regard to, those responsible for an attack. In order to bridge this gap, many organizations have become focused on the particular technologies that have been developed to carry out cyber-attacks, so that the specific actions or impacts of the applied technology can be analyzed. This approach does not provide the means to consider the adversary behind the attack. While this approach is often helpful in the short term, it is analogous to a gun-shot victim receiving emergency care for the immediate wound, without performing forensics on the bullet and attempting to identify the weapon from which the bullet may have been shot.