A Grand Game of Chess: Entropy and Patterns in Threat Intelligence Models
A Grand Game of Chess: Entropy and Patterns in Threat Intelligence Models
A Grand Game of Chess: Entropy and Patterns in Threat Intelligence Models
By Kelly Ryver
June 23, 2020
Summary
During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned that many of the threat intelligence models in use today seem to overemphasize the pattern recognition aspect of threat intelligence through the egregious use of algorithms.
I did a bit of my own research to see what aspects of chess psychologists found most intriguing, and whether any of their findings could be used to build better threat intelligence programs.
CHREST, in turn, led to the design of computational models that could help psychologists understand why chess experts are so good at the game, by studying the number of moves the typical chess expert memorizes and how an expert organizes information mentally while playing.
So what does all this research on the game of chess have to do with threat intelligence? A great deal.
CHREST and the subsequent mathematical models for hierarchy and retrieval structures underpin the databases, algorithms and artificially intelligent software used for threat hunting and by the threat intelligence correlation engines today.
Threat hunters today are much like players in a game of chess where the adversary maneuvers in much the same ways as an opponent across a grand chess board.
One could easily consider the science of threat intelligence as the identification of these patterns as quickly as possible to predict future action and to engage appropriate response maneuvers.
Then we can truly provide a robust threat intelligence gathering effort that provides threat actor identification, activity prediction, mitigation and response strategies.
Invest in a strong internal analytical team or entrust the threat hunting and threat intelligence responsibility to an elite team such as those that IBM Security provides.
Using chess to build better threat hunting and threat intelligence teams on a slim budget.
Reference
Ryver, K. (2020, June 23). A Grand Game of Chess: Entropy and Patterns in Threat Intelligence Models. Retrieved June 24, 2020, from https://securityintelligence.com/posts/chess-entropy-patterns-threat-intelligence-models/