Bayesian networks can be used to predict all kinds of events. In this case, unconventional signals, that is, data from global events and social media, are used to predict whether cyber attacks will happen on companies. The outcome of this application may not surprise you very much.
The approach is fairly straightforward. Data is taken from Twitter, the Global Database of Events, Language, and Tone (GDELT) project, and from Hackmaggedon. The authors apply this approach to a dataset drawn from a company that lasted roughly five months in 2016. The results of the approach seem fairly successful with reasonable precision and high F-measures. However, the initial results show a zero for denial-of-service (DOS) attacks. The authors change their methodology for this approach since there have been very few attacks in the available period. When using fictional data with uniform class distributions, fortunately the results are slightly better.
Most cyber attacks on companies are so prevalent currently that a model that always returns “true” may outperform the Bayesian model--except for DOS attacks, which are so infrequent that a model that always returns “false” is probably correct. The outcomes of their first approach could have been a signal to the authors, which they may have overlooked. The paper is a nice exercise in using a Bayesian model, but unlikely to provide actual contributions to predicting cyberattacks, at least with the current prevalence of them.