Mostrar el registro sencillo del ítem
dc.contributor.author
Almukaynizi, Mohammed
dc.contributor.author
Marin, Ericsson
dc.contributor.author
Shah, Malay
dc.contributor.author
Nunes, Eric
dc.contributor.author
Simari, Gerardo
dc.contributor.author
Shakarian, Paulo
dc.contributor.other
Sikos, Leslie F.
dc.contributor.other
Choo, Kim Kwang Raymond
dc.date.available
2021-05-11T18:31:56Z
dc.date.issued
2020
dc.identifier.citation
Almukaynizi, Mohammed; Marin, Ericsson; Shah, Malay; Nunes, Eric; Simari, Gerardo; et al.; A Logic Programming Approach to Predict Enterprise-Targeted Cyberattacks; Springer Nature Switzerland AG; 177; 2020; 13-32
dc.identifier.isbn
978-3-030-38788-4
dc.identifier.issn
1868-4394
dc.identifier.uri
http://hdl.handle.net/11336/131839
dc.description.abstract
Although cybersecurity research has demonstrated that many of the recent cyberattacks targeting real-world organizations could have been avoided, proactively identifying and systematically understanding when and why those events are likely to occur is still challenging. It has earlier been shown that monitoring malicious hacker discussions about software vulnerabilities in the Dark web and Deep web platforms (D2web) is indicative of future cyberattack incidents. Based on this finding, a system generating warnings of cyberattack incidents was previously developed. However, key limitations to this approach are (1) the strong reliance on explicit software vulnerability mentions from malicious hackers, and (2) the inability to adapt to the ephemeral, constantly changing nature of D2web sites. In this chapter, we address those limitations by leveraging indicators that capture aggregate discussion trends identified from the context of hacker discussions across multiple hacker community websites. Our approach is evaluated on real-world, enterprise-targeted attack events of malicious emails. Compared to a baseline statistical prediction model, our approach provides better precision-recall tradeoff. In addition, it produces actionable, transparent predictions that provide details about the observed hacker activity and reasoning led to certain decision. Moreover, when the predictions of our approach are fused with the predictions of the statistical prediction model, recall can be improved by over 14% while maintaining precision.
dc.format
application/pdf
dc.language.iso
eng
dc.publisher
Springer Nature Switzerland AG
dc.rights
info:eu-repo/semantics/restrictedAccess
dc.rights.uri
https://creativecommons.org/licenses/by-nc-sa/2.5/ar/
dc.source
https://link.springer.com/bookseries/8578
dc.subject
CYBERATTACK
dc.subject
PREDICTION MODEL
dc.subject
CYBERSECURITY
dc.subject
HACKERS
dc.subject.classification
Ciencias de la Computación
dc.subject.classification
Ciencias de la Computación e Información
dc.subject.classification
CIENCIAS NATURALES Y EXACTAS
dc.title
A Logic Programming Approach to Predict Enterprise-Targeted Cyberattacks
dc.type
info:eu-repo/semantics/publishedVersion
dc.type
info:eu-repo/semantics/bookPart
dc.type
info:ar-repo/semantics/parte de libro
dc.date.updated
2021-04-12T15:51:36Z
dc.identifier.eissn
1868-4408
dc.journal.volume
177
dc.journal.pagination
13-32
dc.journal.pais
Suiza
dc.journal.ciudad
Cham
dc.description.fil
Fil: Almukaynizi, Mohammed. Arizona State University; Estados Unidos
dc.description.fil
Fil: Marin, Ericsson. Arizona State University; Estados Unidos
dc.description.fil
Fil: Shah, Malay. Cyber Reconnaissance Inc.; Estados Unidos
dc.description.fil
Fil: Nunes, Eric. Arizona State University; Estados Unidos
dc.description.fil
Fil: Simari, Gerardo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca. Instituto de Ciencias e Ingeniería de la Computación. Universidad Nacional del Sur. Departamento de Ciencias e Ingeniería de la Computación. Instituto de Ciencias e Ingeniería de la Computación; Argentina
dc.description.fil
Fil: Shakarian, Paulo. Arizona State University; Estados Unidos
dc.relation.alternativeid
info:eu-repo/semantics/altIdentifier/url/https://link.springer.com/chapter/10.1007/978-3-030-38788-4_2
dc.relation.alternativeid
info:eu-repo/semantics/altIdentifier/doi/https://doi.org/10.1007/978-3-030-38788-4_2
dc.conicet.paginas
XII; 129
dc.source.titulo
Data Science in Cybersecurity and Cyberthreat Intelligence
Archivos asociados