Date of Award
Master of Science
Department of Operational Sciences
Richard F. Deckro, PhD
Recent years have seen an increase in the number and severity of Information Operations (IO) attacks upon DoD resources. At a higher level, the US as a whole has come under cyber attack by individuals and groups seeking thrills, monetary gain, publicity for their causes, and myriad other goals. This effort develops a first cut model of individual hacker mentality that can be utilized to improve threat assessment, mitigate Information Assurance (IA) vulnerabilities, and improve risk assessment. Further, it is a first step toward automated characterization of Information Warfare (IW) attacks based upon hacker types. All hackers are not the same. In order to best deal with their actions and the intent behind their actions, one must understand who they are. Many hackers are not malicious, in that they hack for the thrill of learning and to "look around". However, others are intent upon gathering information for gain (profit or intelligence aspects), corrupting data or denying access to the system, or to see what harm they can cause. Research for this effort specifically focused on malicious hackers working for nation states, although the basic framework presented applies in part to any type of hacker. This results in advances in the way that hackers are classified and profiled, with a better understanding of their values, skills, and approaches to hacking. Responses can then be tailored to specifics of a given class of hackers. The model developed is illustrated by a case study.
DTIC Accession Number
Kleen, Laura J., "Malicious Hackers: A Framework for Analysis and Case Study" (2001). Theses and Dissertations. 4646.