Predicting Malicious Behavior: Tools and Techniques for Ensuring Global Security
Gary M. Jackson
Format: PDF / Kindle (mobi) / ePub
A groundbreaking exploration of how to identify and fight security threats at every level
This revolutionary book combines real-world security scenarios with actual tools to predict and prevent incidents of terrorism, network hacking, individual criminal behavior, and more. Written by an expert with intelligence officer experience who invented the technology, it explores the keys to understanding the dark side of human nature, various types of security threats (current and potential), and how to construct a methodology to predict and combat malicious behavior. The companion CD demonstrates available detection and prediction systems and presents a walkthrough on how to conduct a predictive analysis that highlights proactive security measures.
- Guides you through the process of predicting malicious behavior, using real-world examples, and shows how malicious behavior may be prevented in the future
- Illustrates ways to understand malicious intent, dissect behavior, and apply the available tools and methods for enhancing security
- Covers the methodology for predicting malicious behavior, how to apply a predictive methodology, and tools for predicting the likelihood of domestic and global threats
- CD includes a series of walkthroughs demonstrating how to obtain a predictive analysis and how to use various available tools, including Automated Behavior Analysis
Predicting Malicious Behavior fuses the behavioral and computer sciences to enlighten anyone concerned with security and to aid professionals in keeping our world safer.
very different. Although we may use the AuBA tools to process the same text that describes historical events, we concentrate on extracting the antecedents to past attacks instead of just the behavior. By focusing on associating precursor events with the types of behavior that follow, we can project what type of behavior will occur in the future when a specific set of antecedent conditions is present. This ability to predict significant adversarial behavior prior to its occurrence removes us from a
examples of human behavior, we need a foundation from which principles of human behavior can be derived. Using AuBA, we process antecedents and consequences associated with multiple examples of behaviors of interest. In this way, we can store all possible antecedent candidates simply because they occur temporally before the behavior and all candidates for consequences because they occur after the behavior.

Note: We begin the process of identifying antecedents and consequences by simply noting
the group during the years 2001–2011 when bin Laden was pressed into hiding by U.S. forces. Even in hiding bin Laden could provide general guidance, while the local operational cells could exhibit successful attacks in their respective regions.

The Motivation

Group structure is not a cause of malicious behavior. Instead, group structure assists in successfully conducting malicious behavior. Rather than structure, motivation of the group is the key to malice. We could have two groups with
adversary is stable, then AuBA-determined antecedent-behavior associations will be the same for the past two one-year periods. If we observe changes in the antecedent-behavior associations in the most recent year as compared to the one-year period beginning two years ago, then a shift is occurring. This approach is more powerful than just noting that the malicious behaviors are changing. Noting different antecedent-behavior associations across the two-year period provides a context for the
guidance? Table 3.1 (earlier in the chapter) made it clear that terrorist organizations can attack using a wide variety of tactics against a wide variety of targets. In considering a likely form of attack, we need to determine the likelihood of a more traditional form of attack versus a new form of attack. The latter increases the element of surprise in both the timing of the attack and the nature of the attack itself. More traditional attacks would include remote or timed detonation of a bomb