Temporal and Spatial Analyses for Large-Scale Cyber Attacks

Prevalent computing devices with networking capabilities have become critical cyber infrastructure for government, industry, academia and every-day life. As their value rises, the motivation driving cyber attacks on this infrastructure has shifted from the pursuit of notoriety to the pursuit of profit [1, 2] or political gains, leading to cyber terrorism on various scales. Cyber terrorism has had its share of case studies and definitions since late 1990s and early 2000s [3–5]. A common denominator of the definition of cyber terrorism is the threat posed through the use of cyber infrastructure, especially the Internet. Stuxnet, a malware discovered in June 2010, which was a directed attack against the Iranian nuclear program [6], represented a milestone on cyber warfare and posed a new challenge to analyze and understand cyber attacks due to its complexity in attack strategy. While cyber terrorism can have many elements beyond exploiting cyber vulnerabilities, this chapter focuses on analyzing techniques that process observables of malicious activities in the cyberspace.