Javier Sánchez García-Ochoa, Alberto Fernández Isabel, Clara Contreras Nevares, Rubén Rodríguez Fernández, Isaac Martín de Diego, and Marta Beltrán Pardo publish "Defining the Attractiveness Concept for Cyber Incident Forecasting" in Computer Science and Information Systems. The international journal published by ComSIS Consortium
This publication is part of the public-private collaboration project DICYME (Dynamic Industrial CYberrisk Modeling based on Evidence), jointly developed by the Rey Juan Carlos University and the company DeNexus.
Abstract
Cyber incident forecasting has several applications within the security field, such as attack projection, intention recognition, attack prediction, or situational awareness. One of the main challenges of these issues lies in analysing the proneness of an entity to be attacked by an adversary evaluating the relevance of different target features or behaviours. This paper presents a methodology that defines the Attractiveness concept to address this issue. Attractiveness is the possession of features or the exhibition of behaviours in entities that raise interest for potential adversaries. Thus, the more significant the Attractiveness value is, the greater the proneness of attacking could be considered. The concept is decomposed into three main branches: basal attractiveness (relevance of the entity in the world), online reputation (the opinion of the individuals and the reach of the entity), and potential victimisation (the interest that the entity arouses for potential attackers). Machine Learning (ML) methods in combination with Information Retrieval (IR) and text mining techniques have been proposed to gather relevant information and identify hidden patterns and relations in past security incidents. With this approach, potential targets could reduce their Attractiveness, focusing on those aspects that can be remedied. Alternatively, future risky situations could be predicted to better prepare for proactive protection, detection, and response. The proposal has been validated through several experiments.
Key words
Attractiveness, Cyber incidents, Victimisation, Online reputation, Forecasting
Digital Object Identifier (DOI)
https://doi.org/10.2298/CSIS250131060G
How to cite
García-Ochoa, J., Fernández-Isabel, A., Contreras, C., Fernández, R. R., Diego, I. M. d., Beltrán, M.: Defining the Attractiveness Concept for Cyber Incidents Forecasting. Computer Science and Information Systems, https://doi.org/10.2298/CSIS250131060G
Source: ComSis
Paper: