Frank J. Stech

Learn More
As attack techniques evolve, cybersystems must also evolve to provide the best continuous defense. Leveraging classical denial and deception techniques to understand the specifics of adversary attacks enables an organization to build an active, threat-based cyber defense. The Web extra at https://youtu.be/9g_HLNXiLto is a video that describes how in January(More)
In the social domain of interoperability, sensemaking is a term used to describe how individuals and organizations process complex information in highly dynamic and uncertain situations. This paper builds on established theories and offers a new model of team sensemaking. The approach is to translate general principles (e.g., diligence, facileness, etc.)(More)
In January 2012, MITRE performed a real-time, red team/blue team cyber-wargame experiment. This presented the opportunity to blend cyber-warfare with traditional mission planning and execution, including denial and deception tradecraft. The cyberwargame was designed to test a dynamic network defense cyber-security platform being researched in The MITRE(More)
The concepts of deception, counter-deception, and deception detection in the cyber-space domain have been the subject of little systematic analysis. Our objective was to conduct scientometric analyses of these concepts in the cyber-space domain. We observed the following: Although various deceptive tactics are addressed in the cyber-security literature, it(More)
This paper describes the central component of a system to assist intelligence analysts detect deception. We describe how deceptions exploit cognitive limits and biases and review prior work on processes that can help people recognize organized deceptions. Our process is based on Heuer’s Analysis of Competing Hypotheses, which we automate by generating(More)