The Spatial Analysis of the Malicious Uniform Resource Locators (URLs): 2016 Dataset Case Study

被引:3
作者
Amin, Raid W. [1 ]
Sevil, Hakki Erhan [2 ]
Kocak, Salih [3 ]
Francia, Guillermo, III [4 ]
Hoover, Philip [1 ]
机构
[1] Univ West Florida, Math & Stat, Pensacola, FL 32514 USA
[2] Univ West Florida, Intelligent Syst & Robot, Pensacola, FL 32514 USA
[3] Univ West Florida, Construct Management, Pensacola, FL 32514 USA
[4] Univ West Florida, Ctr Cybersecur, Pensacola, FL 32514 USA
关键词
cyber attack; spatial analysis; Uniform Resource Locators (URLs); phishing; malware; spam; defacement;
D O I
10.3390/info12010002
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In this study, we aimed to identify spatial clusters of countries with high rates of cyber attacks directed at other countries. The cyber attack dataset was obtained from Canadian Institute for Cybersecurity, with over 110,000 Uniform Resource Locators (URLs), which were classified into one of 5 categories: benign, phishing, malware, spam, or defacement. The disease surveillance software SaTScan(TM) was used to perform a spatial analysis of the country of origin for each cyber attack. It allowed the identification of spatial and space-time clusters of locations with unusually high counts or rates of cyber attacks. Number of internet users per country obtained from the 2016 CIA World Factbook was used as the population baseline for computing rates and Poisson analysis in SaTScan(TM). The clusters were tested for significance with a Monte Carlo study within SaTScan(TM), where any cluster with p < 0.05 was designated as a significant cyber attack cluster. Results using the rate of the different types of malicious URL cyber attacks are presented in this paper. This novel approach of studying cyber attacks from a spatial perspective provides an invaluable relative risk assessment for each type of cyber attack that originated from a particular country.
引用
收藏
页码:1 / 18
页数:18
相关论文
共 31 条
[1]  
Abdalrahman G.A., 2019, P 2019 7 INT S DIGIT, P1
[2]  
Ahmad S., 2012, INT J SMART GRID CLE, V1, P15, DOI DOI 10.12720/SGCE.1.1.15-21
[3]  
Altman D.G., 1991, Practical statistics for medical research
[4]  
Bapiyev I. M., 2017, Int. J. Civil Eng. Technol., V8, P1086
[5]  
Bloedorn E., 2001, DATA MINING NETWORK
[6]   A systematic approach for detecting and clustering distributed cyber scanning [J].
Bou-Harb, Elias ;
Debbabi, Mourad ;
Assi, Chadi .
COMPUTER NETWORKS, 2013, 57 (18) :3826-3839
[7]   Modeling security in cyber-physical systems [J].
Burmester, Mike ;
Magkos, Ernmanouil ;
Chrissikopoulos, Vassilis .
INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2012, 5 (3-4) :118-126
[8]  
Canadian Institute for Cybersecurity, URL DAT ISCX URL2016
[9]  
Central Intelligence Agency, WORLD FACTBOOK
[10]   Spatiotemporal Patterns and Predictability of Cyberattacks [J].
Chen, Yu-Zhong ;
Huang, Zi-Gang ;
Xu, Shouhuai ;
Lai, Ying-Cheng .
PLOS ONE, 2015, 10 (05)