On Aggregation and Prediction of Cybersecurity Incident Reports

被引：2

作者：

Carriegos, Miguel, V ^{[1
]}

Munoz Castaneda, Angel L. ^{[1
]}

Trobajo, M. T. ^{[1
]}

Asterio De Zaballa, Diego ^{[2
]}

机构：

[1] Univ Leon, Dept Matemat, Leon 24007, Spain

[2] Univ Leon, Inst Ciencias Aplicadas Ciberseguridad, Leon 24007, Spain

来源：

IEEE ACCESS | 2021年 / 9卷

关键词：

Computer security; Time series analysis; Aggregates; Forecasting; Databases; Predictive models; Time measurement; Cybersecurity; extended dynamic mode decomposition; Koopman operator; time series forecasting; threat prediction MSC[2010; DYNAMIC-MODE DECOMPOSITION; KOOPMAN OPERATOR; SYSTEMS; VALIDATION; REDUCTION; SECURITY;

D O I：

10.1109/ACCESS.2021.3097834

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The study of cybersecurity incidents is an active research field. The purpose of this work is to determine accurate measures of cybersecurity incidents. An effective method to aggregate cybersecurity incident reports is defined to set these measures. As a result we are able to make predictions and, therefore, to deploy security policies. Forecasting time-series of those cybersecurity aggregates is performed based on Koopman's method and Dynamic Mode Decomposition algorithm. Both techniques have shown to be accurate for a wide variety of dynamical systems ranging from fluid dynamics to social sciences. We have performed some experiments on public databases. We show that the measure of the risk trend can be effectively forecasted.

引用

页码：102636 / 102648

页数：13

共 50 条

[31] Incident Notification in Italian Cybersecurity. An Analysis of Effectiveness and Post-attack Learning
Busetti, Simone
Scanni, Francesco Maria
RIVISTA ITALIANA DI POLITICHE PUBBLICHE, 2024, (01) : 145 - 171
[32] Game-based learning: A review of tabletop exercises for cybersecurity incident response training
Angafor, Giddeon N.
Yevseyeva, Iryna
He, Ying
SECURITY AND PRIVACY, 2020, 3 (06):
[33] Problems with incident reporting: Reports lead rarely to recommendations
Liukka, Mari
Hupli, Markku
Turunen, Hannele
JOURNAL OF CLINICAL NURSING, 2019, 28 (9-10) : 1607 - 1613
[34] Text analysis in incident duration prediction
Pereira, Francisco C.
Rodrigues, Filipe
Ben-Akiva, Moshe
Transportation Research Part C: Emerging Technologies, 2014, 37 : 177 - 192
[35] Defining the reporting threshold for a cybersecurity incident under the NIS Directive and the NIS 2 Directive
Schmitz-Berndt, Sandra
JOURNAL OF CYBERSECURITY, 2023, 9 (01):
[36] ARCS: Adaptive Reinforcement Learning Framework for Automated Cybersecurity Incident Response Strategy Optimization
Ren, Shaochen
Jin, Jianian
Niu, Guanchong
Liu, Yang
APPLIED SCIENCES-BASEL, 2025, 15 (02):
[37] Enhancing Cybersecurity in Wireless Sensor Networks: Innovative Framework for Optimized Data Aggregation
Godi, Rakesh Kumar
Bhoothpur, Vikranth
Bhanushree, K. J.
Ambika, B. J.
Gowda, Naveen Chandra
INTERNATIONAL JOURNAL OF ONLINE AND BIOMEDICAL ENGINEERING, 2025, 21 (01) : 151 - 164
[38] Big Data Analytics in Cybersecurity: Network Data and Intrusion Prediction
Wang, Lidong
Jones, Randy
2019 IEEE 10TH ANNUAL UBIQUITOUS COMPUTING, ELECTRONICS & MOBILE COMMUNICATION CONFERENCE (UEMCON), 2019, : 105 - 111
[39] Moving towards agile cybersecurity incident response: A case study exploring the enabling role of big data analytics-embedded dynamic capabilities
Naseer, Ayesha
Naseer, Humza
Ahmad, Atif
Maynard, Sean B.
Siddiqui, Adil Masood
COMPUTERS & SECURITY, 2023, 135
[40] Criminal incident prediction based on geographical profile
1600, Journal of Chemical and Pharmaceutical Research, 3/668 Malviya Nagar, Jaipur, Rajasthan, India (06):

← 1 2 3 4 5 →