Proceedings of the 50th Hawaii International Conference on System Sciences (2017) 2017
DOI: 10.24251/hicss.2017.725
|View full text |Cite
|
Sign up to set email alerts
|

Can Cybersecurity Be Proactive? A Big Data Approach and Challenges

Abstract: The cybersecurity community typically reacts to attacks after they occur. Being reactive is costly and can be fatal where attacks threaten lives, important data, or mission success. But can cybersecurity be done proactively? Our research capitalizes on the Germination Period-the time lag between hacker communities discussing software flaw types and flaws actually being exploited-where proactive measures can be taken. We argue for a novel proactive approach, utilizing big data, for (I) identifying potential att… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
7
0

Year Published

2017
2017
2020
2020

Publication Types

Select...
3
1

Relationship

0
4

Authors

Journals

citations
Cited by 4 publications
(7 citation statements)
references
References 13 publications
0
7
0
Order By: Relevance
“…In 2016, a US legislation was introduced to promote information sharing and emphasizing on new standards to facilitate such endeavors via the NST, the U.S. National Institute of Standards and Technology. According to the Compound Annual Growth Rate (CGR), Cybersecurity attacks are on the rise and incredibly from 66% every year since 2009 [20].With vulnerabilities that are designed flawed along with defects, hackers are able to infiltrate network and gain access to data and are able to control critical systems and proliferate denial of service.…”
Section: Current System Flawsmentioning
confidence: 99%
“…In 2016, a US legislation was introduced to promote information sharing and emphasizing on new standards to facilitate such endeavors via the NST, the U.S. National Institute of Standards and Technology. According to the Compound Annual Growth Rate (CGR), Cybersecurity attacks are on the rise and incredibly from 66% every year since 2009 [20].With vulnerabilities that are designed flawed along with defects, hackers are able to infiltrate network and gain access to data and are able to control critical systems and proliferate denial of service.…”
Section: Current System Flawsmentioning
confidence: 99%
“…This contribution is an additional example of how proactive security allows for a faster response against abuse. Finally, the work by Bui [2] comes closest to our proposal. The authors argued that cybersecurity can capitalize on the Germination Period, which is "the time lag between hacker communities discussing software flaw types and flaws actually being exploited" Bui [2].…”
Section: Related Workmentioning
confidence: 72%
“…Finally, the work by Bui [2] comes closest to our proposal. The authors argued that cybersecurity can capitalize on the Germination Period, which is "the time lag between hacker communities discussing software flaw types and flaws actually being exploited" Bui [2]. They consequently proposed to crawl hacker forums for 0-days and vulnerabilities to feed a proactive security system.…”
Section: Related Workmentioning
confidence: 72%
“…They also identify two main categories of data sources available online that can contain data which suits the model proposed in this paper: hacker communities and public security databases. Several studies such as [7] [8] show that hacker communities need information and (continuously) share information among themselves in order to be effective. The collaboration between black hat hackers is based on subtle and indirect ways of work and discussing, presented in [3].…”
Section: Semantic Web and Cybersecuritymentioning
confidence: 99%
“…Germination period can be explained as "the time lag between hacker communities discussing software flaw types and flaws actually being exploited". [7] Its length depends on the difficulty of exploiting the vulnerabilities and the hackers' interest in it. This is the time when proactive measures can be taken.…”
Section: Semantic Web and Cybersecuritymentioning
confidence: 99%