Malware in the future? Forecasting of analyst detection of cyber events

Bakdash, Jonathan Z.; Hutchinson, Steve; Zaroukian, Erin; Marusich, Laura R.; Thirumuruganathan, Saravanan; Sample, Char; Hoffman, Blaine; Das, Gautam

doi:10.1093/cybsec/tyy007

Cited by 24 publications

(20 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Malware a portmanteau for malicious software which is a software designed to cause extensive harm to a computer or computer network without the users' consent. Bakdash et al 19 defined malware as any software in the form of a computer virus, worms, trojan horses, and backdoors. The most common way of malware vector spreading includes emails, web browsers, application software downloads, and removable media devices.…”

Section: Literature Reviewmentioning

confidence: 99%

Cybersecurity awareness in Zimbabwean universities: Perspectives from the students

Matyokurehwa

Rudhumbu

Gombiro

et al. 2020

Security and Privacy

View full text Add to dashboard Cite

The study investigated the cybersecurity awareness (CSA) in Zimbabwean universities from the perspectives of the students. The study hypothesized a model to proffer theoretical and practical solutions to higher education students on cybersecurity training programs. The paper used a positivist approach to test three hypotheses on CSA among Zimbabwe universities. To test the hypothesized model, a total of 322 questionnaires were distributed among three universities in Zimbabwe. Descriptive and inferential statistics were used to test the data. ANOVA tests and regressions were used to test three hypotheses from the hypothesized model. Chi square was used for cross‐case analysis to test relationships between age, gender, education level, and institution on recoded variable CSA. The findings reveal that the social engineering attacks, malware attacks, and the internet of things attacks are all positively related to CSA findings from cross‐case analysis indicated that there were no differences on gender and age on CSA while there were differences on education level and institution on CSA. The findings from this study have implications for decision‐makers to come up with policies concerning CSA in the higher education sector.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Cybersecurity awareness in Zimbabwean universities: Perspectives from the students

Matyokurehwa

Rudhumbu

Gombiro

et al. 2020

Security and Privacy

View full text Add to dashboard Cite

show abstract

“…One particular kind of macroscopic study is to forecast (i.e., predict) cyber attacks at macroscopic levels, so as to achieve what may be called predictive situational awareness. There have been a number of studies in both univariate time series analysis in the cybersecurity domain (e.g., [3][4][5][6][7][8][9][10][11][12][13][14]) and multivariate time series analysis in the cybersecurity domain (e.g., [7,[15][16][17]). The present study belongs to this category, but initiating a new perspective of research.…”

Section: Introductionmentioning

confidence: 99%

“…More specifically, the present study falls into the sub-field of multivariate time series analysis [7,[15][16][17] of cybersecurity data analytics. There are studies on univariate time series analysis of cybersecurity data analytics, such as [3][4][5][6][7][8][9][10][11][12][13][14]39]. However, these studies do not consider causality.…”

Section: Introductionmentioning

confidence: 99%

Characterizing and Leveraging Granger Causality in Cybersecurity: Framework and Case Study

Trieu-Do¹,

Garcia-Lebron²,

Xu³

et al. 2021

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Causality is an intriguing concept that once tamed, can have many applications. While having been widely investigated in other domains, its relevance and usefulness in the cybersecurity domain has received little attention. In this paper, we present a systematic investigation of a particular approach to causality, known as Granger causality (G-causality), in cybersecurity. We propose a framework, dubbed Cybersecurity Granger Causality (CGC), for characterizing the presence of G-causality in cyber attack rate time series and for leveraging G-causality to predict (i.e., forecast) cyber attack rates. The framework offers a range of research questions, which can be adopted or adapted to study G-causality in other kinds of cybersecurity time series data. In order to demonstrate the usefulness of CGC, we present a case study by applying it to a particular cyber attack dataset collected at a honeypot. From this case study, we draw a number of insights into the usefulness and limitations of G-causality in the cybersecurity domain.

show abstract

“…The ability to create foresight is usually performed by analysts within larger organizations or governmental agencies, such as national level cybersecurity centers, by quickly finding, analyzing, remediating, and documenting vulnerabilities and cyberattacks [6]. Although views on the general value of forecasting range from critical to cynical [7], a recent study by Schatz and Bashroush [8] shows that the security predictions of subject matter experts in this field did foresee notable developments in this area.…”

Section: Introductionmentioning

confidence: 99%

“…However, forecasting vulnerabilities and cyberattacks is not an easy job [12]. A common approach to provide decisive information is time-series forecasting of cyberattacks based on data from network telescopes, honeypots, and automated intrusion detection/prevention systems [6,12].…”

Section: Introductionmentioning

confidence: 99%

Text Mining in Cybersecurity: Exploring Threats and Opportunities

Boer

Bakker²,

Boertjes³

et al. 2019

MTI

View full text Add to dashboard Cite

The number of cyberattacks on organizations is growing. To increase cyber resilience, organizations need to obtain foresight to anticipate cybersecurity vulnerabilities, developments, and potential threats. This paper describes a tool that combines state of the art text mining and information retrieval techniques to explore the opportunities of using these techniques in the cybersecurity domain. Our tool, the Horizon Scanner, can scrape and store data from websites, blogs and PDF articles, and search a database based on a user query, show textual entities in a graph, and provide and visualize potential trends. The aim of the Horizon Scanner is to help experts explore relevant data sources for potential threats and trends and to speed up the process of foresight. In a requirements session and user evaluation of the tool with cyber experts from the Dutch Defense Cyber Command, we explored whether the Horizon Scanner tool has the potential to fulfill its aim in the cybersecurity domain. Although the overall evaluation of the tool was not as good as expected, some aspects of the tool were found to have added value, providing us with valuable insights into how to design decision support for forecasting analysts.

show abstract

Malware in the future? Forecasting of analyst detection of cyber events

Cited by 24 publications

References 46 publications

Cybersecurity awareness in Zimbabwean universities: Perspectives from the students

Cybersecurity awareness in Zimbabwean universities: Perspectives from the students

Characterizing and Leveraging Granger Causality in Cybersecurity: Framework and Case Study

Text Mining in Cybersecurity: Exploring Threats and Opportunities

Contact Info

Product

Resources

About