Sunday, 26 April 2009

Red Team Simulation in the face of an irrational enemy

Brand Killer Robots reveal::
A recent call has gone out to consider the question of simulating an entire adversarial attack upon a particular target. The discussion centred on how one might leverage expert security knowledge via simulation to cover broader ground via red team simulation.

I wonder whether such simulations are capable of modeling links between things which rationally are not linked? Can they for example systemize confusion to such a degree as to identify attack vectors that are so subtle to be almost completely invisible?

Are these simulations multi-faceted, multi-domain and multi-integrated across the full spectrum of the "security domain"?

Can they for example model pathological behaviour, delirious phenomena and other forms of spontaneous irrational knowledge and activity of the opponent?

Much of the data that red teams work off to develop the perspective of the security condition is based on rational analysis.

Sophisticated criminals rarely operate entirely rationally. These people didn't learn their trade from school books. Neither did they necessarily grow up without tasting the depths of dispair. Failure and damaging events in their past more often than not give them greater insight than their adversaries.

To develop an effective simulation one would have to work a lot harder and hire different qualities of people to design the inputs to the red team process.

There are methods for approaching the development of a defense against pathological attacks, but these are in the early stages.

Methods such as these are the future of security intelligence though.

No comments: