CAPTURE: Cyberattack Forecasting Using Non-Stationary Features with Time Lags

Authors: Ahmet Okutan, Shanchieh Jay Yang, Katie McConky, Gordon Werner

DOI: 10.1109/CNS.2019.8802639

Keywords: Computer science; Concept drift; Volume (computing); Baseline model; Variety (cybernetics); Range (statistics); Data mining; Early signs; Task (project management); Third party

Abstract: Forecasting cyberattacks before they occur is an important yet challenging task, as exploring early signs of attack from a large volume of data is not trivial. This paper describes the design and evaluation of a novel automated system, CAPTURE, which uses a broad range of unconventional signals derived from various open sources to forecast attacks towards a target organization anonymized as CorpX. It includes approaches to select relevant and significant, but not redundant, lagged signals and to treat non-stationary relationships between signals and cyberattack occurrences. Using cyber incidents recorded by a third party and 146 signals from a variety of sources, this paper demonstrates that CAPTURE performs significantly better than a baseline model under the tested configurations. Furthermore, it offers insights to human analysts on how specific signals contributed to the forecasts.
