Hacker’s Profiling Project (HPP)
Project Managers: Raoul Chiesa  raoul@ISECOM.org

The goal of this presentation document is to summarize the results of the first 2 years of HPP, as well as to define the core of a methodology that will allow attacker profiling techniques to be applied to computer-based IT and ICT attacks. The document gives strong consideration to the first two developed phases of the Hacker’s Profiling Project, while also defining the next steps for the core asset of the methodology itself.

The original idea started back in 2004, after much research related to Criminal and Hacker’s Profiling: most of the available data and studies focus on a single point of view, either the criminal analysis of the computer intrusion or the technical analysis of the computer intrusion. In no case have we seen a synergistic approach to the above-mentioned points of view.

Also, the hacking landscape has always been described as a world populated by data thieves, modern Robin Hoods and criminals, rather than the “good & bad guys” general definitions. Our research project aims to identify the real behaviours of the actors in this particular technological environment and social culture, moving away from the cliché often (ab)used by the media and by the classic company “security culture”, and helping to better identify the reasons behind IT/ICT attacks and the real modus operandi, so that a better countermeasures approach can be determined.

At the moment (June 2006), the available documents focus on describing the “how it works” side more than the “how to use” aspect. This methodology will serve those who need to identify attacker typologies and better understand the (different) motivations that lead to a computer intrusion scene.

Among the next steps, once the Honeynet module has been defined (2007), we expect to produce various detailed technical papers, on the basis of which we will outline the profiling methodology itself.

The final goal of HPP is to develop an open methodology that, when applied to log files or computer forensics dumps, will enable analysts to analyze the data from a different point of view, supplying them with a profiling methodology that will identify the kind of attacker that performed the attack(s), including as well security and privacy weaknesses, circumventions, corruption, fraud, embezzlement, theft, and other deceptive, illegal, or unethical practices.

If you are interested in helping us with this project, please contact us at hpp<at>isecom.org.

Download HPP General Overview, Basic Presentation v.1.0_eng (mirrors: Spain, USA): HPP.general_overview_Basic.v.1.0_eng.pdf

Download HPP General Overview, Compact Presentation v.1.0_eng (mirrors: Spain, USA): HPP.general_overview_Compact.v.1.0_eng.pdf


ISECOM is an open, collaborative, non-profit, scientific, security research organization registered in Catalunya, Spain.  All research here has been performed without commercial or partisan influence.  Contact us directly to be a security researcher on the ISECOM team.

Disclaimer:  While all documents on this site are available under Copyleft and the Open Methodology License, do check the licenses within each tool or document prior to copying, modifying, or distribution for any individually stated requirements.  Additionally, all research is provided here for information purposes only and ISECOM is not responsible for any misuse.

