Statistical Models for the Number of Successful Cyber Intrusions

Authors: Nandi O Leslie, Richard E Harang, Lawrence P Knachel, Alexander Kott

DOI: 10.1177/1548512917715342

Abstract: We propose several generalized linear models (GLMs) to predict the number of successful cyber intrusions (or "intrusions") into an organization's computer network, where the rate at which intrusions occur is a function of the following observable characteristics of the organization: (i) domain name server (DNS) traffic classified by their top-level domains (TLDs); (ii) network security policy violations; and (iii) a set of predictors that we collectively call "cyber footprint", comprised of the hosts on the organization's network, the organization's similarity to educational institution behavior (SEIB), and its records on this http URL (ROSG). In addition, we evaluate the number of intrusions to determine whether these events follow a Poisson or negative binomial (NB) probability distribution. We reveal that the NB GLM provides the best fit model for the observed count data, the number of intrusions per organization, because it allows the variance of the data to exceed the mean. We also show that there are restricted and simpler regression models that omit selected predictors and improve the goodness-of-fit for the observed data. With our simulations, we identify certain TLDs in the DNS traffic as having a significant impact on the number of intrusions. We use the results to conclude that network security policy violations are consistently predictive
