On the Role of Malware Analysis for Technical Intelligence in Active Cyber Defense
ABSTRACT
This paper discusses the critical role collection and analysis of malware must play in active cyber defense. The importance of determining the operational characteristics, strengths, and weaknesses of an adversary’s weapons and equipment has led to the establishment of technical intelligence (TECHINT) as a discipline in military intelligence. Software, particularly malware, fills the role of weapons in cyberspace. Malware analysis offers significant opportunities to understand adversary capabilities and intent, thus facilitating an effective cyberspace defense. This paper provides background, discusses potential TECHINT gains from malware, and considers how this knowledge may enhance an active cyber-defense strategy.
AUTHORS
IronNet Cybersecurity, Inc., Fulton, Maryland, U.S.A.
Dr. Robert L. Fanelli is a computer scientist and security practitioner with IronNet Cybersecurity, Inc. He is a recently retired U.S. Army Colonel with over 27 years of service conducting military cyberspace IT and telecommunications operations, most recently at United States Cyber Command. He holds a PhD in Computer Science from the University of Hawaii, an MS from the University of Louisville, a BS from Penn State University, and a number of industry credentials, including the designation as a GIAC Security Expert.
Published In
Journal of Information Warfare