SPATIO-TEMPORAL ANALYSIS OF DEPENDENT RISK WITH AN APPLICATION TO CYBERATTACKS DATA

被引:1
作者
Kim, Shonghyun [1 ]
Lim, Chae Young [1 ]
Rho, Yeonwoo [2 ]
机构
[1] Seoul Natl Univ, Dept Stat, Seoul, South Korea
[2] Michigan Technol Univ, Dept Math Sci, Houghton, MI USA
来源
ANNALS OF APPLIED STATISTICS | 2024年 / 18卷 / 04期
基金
新加坡国家研究基金会;
关键词
Clustering; cyberattack; honeypot data; MCMC; spatial-GARCH model; TIME-SERIES; MODELS; STATIONARITY; FRAMEWORK; RATES;
D O I
10.1214/24-AOAS1952
中图分类号
O21 [概率论与数理统计]; C8 [统计学];
学科分类号
020208 ; 070103 ; 0714 ;
摘要
Cybersecurity is an important issue given the increasing risks due to cyberattacks in many areas. Cyberattacks could result in huge losses such as data breaches, failures in the control systems of infrastructures, physical damages in manufacturing industries, etc. As a result, cybersecurity-related research has grown rapidly for in-depth analysis. One main interest is to understand the correlated nature of cyberattack data. To understand such characteristics, we propose a spatio-temporal model for the hostwisely aggregated cyberattack data by incorporating the characteristics of the attackers. We develop a new dissimilarity measure as a proxy of spatial distance to be integrated into the model. The proposed model can be considered as a spatial extension of the GARCH model. The estimation is carried out using a Bayesian approach, which is demonstrated to work well in simulations. The proposed model is applied to publicly available honeypot data after the data are divided by selected features of the attackers via clustering. The estimated model parameters vary by groups of attackers, which was not revealed by modeling the entire dataset.
引用
收藏
页码:3549 / 3569
页数:21
相关论文
共 72 条
[1]   A Neural Network Architecture Combining Gated Recurrent Unit (GRU) and Support Vector Machine (SVM) for Intrusion Detection in Network Traffic Data [J].
Agarap, Abien Fred M. .
PROCEEDINGS OF 2018 10TH INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND COMPUTING (ICMLC 2018), 2018, :26-30
[2]  
Anirudh M, 2017, 2017 INTERNATIONAL CONFERENCE ON COMPUTER, COMMUNICATION AND SIGNAL PROCESSING (ICCCSP), P11
[3]   EA-POT: An Explainable AI Assisted Blockchain Framework for Honeypot IP Predictions [J].
Benedict, Shajulin .
ACTA CYBERNETICA, 2023, 26 (02) :149-173
[4]   A CAPITAL-ASSET PRICING MODEL WITH TIME-VARYING COVARIANCES [J].
BOLLERSLEV, T ;
ENGLE, RF ;
WOOLDRIDGE, JM .
JOURNAL OF POLITICAL ECONOMY, 1988, 96 (01) :116-131
[5]   MODELING THE COHERENCE IN SHORT-RUN NOMINAL EXCHANGE-RATES - A MULTIVARIATE GENERALIZED ARCH MODEL [J].
BOLLERSLEV, T .
REVIEW OF ECONOMICS AND STATISTICS, 1990, 72 (03) :498-505
[6]   GENERALIZED AUTOREGRESSIVE CONDITIONAL HETEROSKEDASTICITY [J].
BOLLERSLEV, T .
JOURNAL OF ECONOMETRICS, 1986, 31 (03) :307-327
[7]  
Bollerslev T., 1994, HDB ECONOMETRICS CHA, P2959, DOI [DOI 10.1016/S1573-4412(05)80018-2, 10.1016/S 1573-4412(05)80018-2]
[8]  
Chan Joshua C. C., 2009, International Journal of Mathematical Modelling and Numerical Optimisation, V1, P101, DOI 10.1504/IJMMNO.2009.030090
[9]   Bayesian estimation of realized GARCH-type models with application to financial tail risk management [J].
Chen, Cathy W. S. ;
Watanabe, Toshiaki ;
Lin, Edward M. H. .
ECONOMETRICS AND STATISTICS, 2023, 28 :30-46
[10]   Spatiotemporal Patterns and Predictability of Cyberattacks [J].
Chen, Yu-Zhong ;
Huang, Zi-Gang ;
Xu, Shouhuai ;
Lai, Ying-Cheng .
PLOS ONE, 2015, 10 (05)
12345678