Dissecting Cyberadversarial Intrusion Stages via Interdisciplinary Observations

Advanced Persistent Threats (APTs) are professional, sophisticated threats that pose a serious concern to our technologically-dependent society. As these threats become more common, conventional response-driven cyberattack management needs to be substituted with anticipatory defense measures. Understanding adversarial behavior and movement is critical to improve our ability to proactively defend. This paper focuses on understanding adversarial movement and adaptation using a case study from a real-time cybersecurity exercise. Through multidisciplinary methodologies from social and hard sciences, this paper presents a mechanism to dissect cyberadversarial intrusion chains to unpack movement, and adaptations.