The Impact Analysis of Modeling Errors for projecting cyber attacks

Publication year: 1394
Document type: Journal article
Language: English
Views: 702

The full text of this article is available as a 16-page PDF file.

National scientific document ID:

JR_IJMEC-5-15_008

Indexing date: 16 Farvardin 1395

Abstract:

One of the important components in predicting a credible future for cyber-attacks is the use of the number of attacks. Therefore, any change in the number of attacks will lead to errors in calculating the probabilities. In this paper, the impact of missing alerts on the predictive performance of the Variable Length Markov Model for projecting cyber-attacks is studied. By developing a comprehensive experiment, the impacts of missing alerts on the prediction have been obtained by removing the alerts from different locations of the attack sequence in different states. The results of the experiment show that if missed alerts are from just one part of the sequence, they will cause less change in prediction accuracy, and if missed alerts are scattered throughout the entire sequence, they will cause more change. When the sequence has a smaller symbol space, relatively less change occurs in prediction accuracy, while having a larger symbol space causes more change. Overall, the results represent the strengths and weaknesses of the Variable Length Markov Model in projecting cyber-attacks. Based on this error analysis, a network analyst can infer and assess the predictive performance of the Variable Length Markov Model when an intrusion detection system loses some of the alerts. This research is an important step in developing a comprehensive report to assist cyber-attack analysts.

Keywords:

Cyber defense, predictive business, Variable length Markov model, projecting cyber attacks

Authors

Kourosh Dadashtabar Ahmadi

Complex of Information and Communications Technology (ICT), Institute for Research on Information fusion (IRIf), Malek-e-Ashtar University of Technology, Tehran, Iran

AliJabar Rashidi

Complex of Information and Communications Technology (ICT), Institute for Research on Information fusion (IRIf), Malek-e-Ashtar University of Technology, Tehran, Iran

Morteza Barari

Complex of Information and Communications Technology (ICT), Institute for Research on Information fusion (IRIf), Malek-e-Ashtar University of Technology, Tehran, Iran