Security analytics for real‐time forecasting of cyberattacks. (2nd April 2020)
- Record Type:
- Journal Article
- Title:
- Security analytics for real‐time forecasting of cyberattacks. (2nd April 2020)
- Main Title:
- Security analytics for real‐time forecasting of cyberattacks
- Authors:
- Javed, Amir
Lakoju, Mike
Burnap, Pete
Rana, Omer
- Other Names:
- Aujla Gagangeet Singh guestEditor.
Prodan Radu guestEditor.
Rawat Danda B. guestEditor.
- Abstract:
- Summary: Protection of networked computing infrastructures (such as Internet of Things, Industrial Control Systems, and Edge computing) is dependent on the continuous monitoring of interaction between such devices and network/Cloud‐based hosts (especially in Industry 4.0 environments). This real‐time monitoring enables an analyst to quantify evolving and emerging threats to such network infrastructures. A framework for identifying patterns in observed cyberthreats and the use of these patterns for forecasting the growth of an emerging threat to network infrastructure is proposed. This framework enables predicting the maximum threat intensity and the time period over which this maximum intensity is likely to occur. The proposed framework integrates: (a) continuous monitoring of device/network activity, (b) forecasting behavior using exponentially weighted moving averages, (c) utilizing Fibonacci retracement for estimating the potential intensity of a cyberattack, and (d) linear regression for predicting response time for high risk thresholds and a machine learning strategy to predict potential risk over a pre‐defined time window. Using this approach, we can produce time intervals between the forecast and the actual attacks using real‐world network activity data. Our results show an average lead time of around 1.75 hours, providing a window of opportunity to limit the impact of an attack and counter it.
- Is Part Of:
- Software, practice & experience. Volume 52:Number 3(2022)
- Journal:
- Software, practice & experience
- Issue:
- Volume 52:Number 3(2022)
- Issue Display:
- Volume 52, Issue 3 (2022)
- Year:
- 2022
- Volume:
- 52
- Issue:
- 3
- Issue Sort Value:
- 2022-0052-0003-0000
- Page Start:
- 788
- Page End:
- 804
- Publication Date:
- 2020-04-02
- Subjects:
- cybersecurity -- malware -- security risk -- web security
Computer software -- Periodicals
Computer programming -- Periodicals
Computer programs -- Periodicals
005.3
- Journal URLs:
- http://onlinelibrary.wiley.com/
- DOI:
- 10.1002/spe.2822
- Languages:
- English
- ISSNs:
- 0038-0644
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 8321.453000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store
- Ingest File:
- 20759.xml