Computing Reviews
Predicting cyber attacks with Bayesian networks using unconventional signals
Okutan A., Yang S., McConky K. CISRC 2017 (Proceedings of the 12th Annual Cyber and Information Security Research Conference, Oak Ridge, TN, Apr 4-6, 2017), 1-4, 2017. Type: Proceedings
Date Reviewed: Jun 2 2017

Bayesian networks can be used to predict all kinds of events. In this case, unconventional signals, that is, data from global events and social media, are used to predict whether cyber attacks will happen on companies. The outcome of this application may not surprise you very much.

The approach is fairly straightforward. Data is taken from Twitter, the Global Database of Events, Language, and Tone (GDELT) project, and Hackmageddon. The authors apply this approach to a dataset drawn from a company, covering roughly five months in 2016. The results of the approach seem fairly successful, with reasonable precision and high F-measures. However, the initial results show a zero for denial-of-service (DOS) attacks. The authors change their methodology for this approach since there have been very few attacks in the available period. When using fictional data with uniform class distributions, fortunately the results are slightly better.

Most cyber attacks on companies are so prevalent currently that a model that always returns “true” may outperform the Bayesian model--except for DOS attacks, which are so infrequent that a model that always returns “false” is probably correct. The outcomes of their first approach could have been a signal to the authors, which they may have overlooked. The paper is a nice exercise in using a Bayesian model, but unlikely to provide actual contributions to predicting cyberattacks, at least with the current prevalence of them.

Reviewer: Jeroen van der Ham
Review #: CR145322 (1708-0547)
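The base-rate argument in the review can be checked by scoring a predictor against the two trivial baselines before trusting its precision and F-measure. The Python sketch below is an added example, not code from the paper or from the reviewer; the 150-day window, the attack-day counts and the hypothetical model's predictions are all constructed for illustration.

```python
# Added illustration; every count below is constructed, not taken from the paper.

def metrics(y_true, y_pred):
    """Accuracy, precision, recall and F1 for the positive ("attack day") class."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(t and p for t, p in pairs)
    fp = sum((not t) and p for t, p in pairs)
    fn = sum(t and (not p) for t, p in pairs)
    tn = len(pairs) - tp - fp - fn
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return {"accuracy": (tp + tn) / len(pairs), "precision": precision,
            "recall": recall, "f1": f1}

def baselines(y_true):
    """Score the two trivial predictors: always 'attack' and never 'attack'."""
    n = len(y_true)
    return {"always_true": metrics(y_true, [True] * n),
            "always_false": metrics(y_true, [False] * n)}

def adds_value(y_true, y_pred):
    """True only if the predictor beats BOTH trivial baselines on accuracy and F1."""
    base = baselines(y_true)
    model = metrics(y_true, y_pred)
    return all(model[k] > max(b[k] for b in base.values())
               for k in ("accuracy", "f1"))

# Constructed 150-day windows (roughly five months of daily labels).
PREVALENT = [True] * 120 + [False] * 30   # attack type seen on most days
RARE = [True] * 3 + [False] * 147         # attack type seen on 3 days only

# Hypothetical model on the prevalent type: catches 100 of 120 attack days
# and raises false alarms on 15 of the 30 quiet days.
MODEL_PRED = [True] * 100 + [False] * 20 + [True] * 15 + [False] * 15

if __name__ == "__main__":
    print("model     ", metrics(PREVALENT, MODEL_PRED))
    print("prevalent ", baselines(PREVALENT))
    print("rare      ", baselines(RARE))
    print("model adds value:", adds_value(PREVALENT, MODEL_PRED))
```

With these constructed numbers the hypothetical model reports a precision of about 0.87 and an F1 of about 0.85, yet it is beaten by the always-true baseline on both accuracy and F1; for the rare class the always-false baseline reaches 98% accuracy with an F1 of zero.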
Security and Protection (D.4.6)