HUSÁK, Martin, Václav BARTOŠ, Pavol SOKOL and Andrej GAJDOŠ. Predictive Methods in Cyber Defense: Current Experience and Research Challenges. Future Generation Computer Systems. Amsterdam, The Netherlands: Elsevier Science, vol. 115, February, p. 517-530. ISSN 0167-739X. 2021.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Predictive Methods in Cyber Defense: Current Experience and Research Challenges
Authors HUSÁK, Martin, Václav BARTOŠ, Pavol SOKOL and Andrej GAJDOŠ.
Edition Future Generation Computer Systems, Amsterdam, The Netherlands, Elsevier Science, 2021, 0167-739X.
Other information
Original language English
Type of outcome Article in a journal
Country of publisher Netherlands
Confidentiality degree is not subject to a state or trade secret
WWW URL
Organization Ústav výpočetní techniky – Repository – Repository
UT WoS 000591438900018
Keywords in English Cybersecurity;Prediction;Forecasting;Data mining;Machine learning;Time series
Links EF16_019/0000822, research and development project.
Changed by Changed by: RNDr. Daniel Jakubík, učo 139797. Changed: 9/1/2021 01:40.
Abstract
Predictive analysis allows next-generation cyber defense that is more proactive than current approaches based on intrusion detection. In this paper, we discuss various aspects of predictive methods in cyber defense and illustrate them on three examples of recent approaches. The first approach uses data mining to extract frequent attack scenarios and uses them to project ongoing cyberattacks. The second approach uses a dynamic network entity reputation score to predict malicious actors. The third approach uses time series analysis to forecast attack rates in the network. This paper presents a unique evaluation of the three distinct methods in a common environment of an intrusion detection alert sharing platform, which allows for a comparison of the approaches and illustrates the capabilities of predictive analysis for current and future research and cybersecurity operations. Our experiments show that all three methods achieved a sufficient technology readiness level for experimental deployment in an operational setting with promising accuracy and usability. Namely prediction and projection methods, despite their differences, are highly usable for predictive blacklisting, the first provides a more detailed output, and the second is more extensible. Network security situation forecasting is lightweight and displays very high accuracy, but does not provide details on predicted events.
Type Name Uploaded/Created by Uploaded/Created Rights
2021-FGCS-Predictive-methods-in-cyber-defense.pdf   File version 15/10/2020

Properties

Name
2021-FGCS-Predictive-methods-in-cyber-defense.pdf
Address within IS
https://repozitar.cz/auth/repo/40706/932701/
Address for the users outside IS
https://repozitar.cz/repo/40706/932701/
Address within Manager
https://repozitar.cz/auth/repo/40706/932701/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/40706/932701/?info
Uploaded/Created
Thu 15/10/2020 02:04

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973
Attributes
 
Print
Add to clipboard Displayed: 28/3/2024 18:10