Accession Number:



Final Report and Recommendations of the North Atlantic Treaty Organization (NATO) Research Task Group IST-129 on Predictive Analysis of Adversarial Cyber Behavior

Descriptive Note:

[Technical Report, Special Report]

Corporate Author:

DEVCOM Army Research LaboratoryUS Naval AcademyGeorge Mason UniversityFinnish Defence Research AgencyUniversity of EdinburghSlovenia Ministry of DefenceFraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE)Defence Research and Development CanadaUS Naval Postgraduate SchoolEstonian Business SchoolRoyal Military AcademySwedish Defence Research AgencySeetru LtdOxford University

Report Date:


Pagination or Media Count:



This report summarizes the work and findings of the North Atlantic Treaty Organization NATO Research Task Group RTG, Information Systems Technology IST-129, on Predictive Analysis of Adversarial Cyber Operations. The RTG found overall there was little in the way of direct research and solutions of predicting a cyber-adversary who launches an attack against a known vulnerability with an unknown exploit. As such, the work of IST-129 contains a body of work that provides researchers and organizations a point of departure for continuing research. Of all our many findings and recommendations, the most important is that prediction of adversarial operations in cyberspace is complex, but can be decomposed. Prediction offers great potential in many areas of cyber defense. Predicting adversarial operations will be a multimethod approach. A common taxonomy both for and about the threat, along with machine-readable language, will help. Cyber defense itself needs to be protected. Modelling of closed network systems is needed and we need data sets that are representative of reality.


Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

[A, Approved For Public Release]