The Impact Analysis of Modeling Errors for projecting cyber attacks
Year of publication: 1394
Document type: Journal article
Language: English
The file of this article is available as a 16-page PDF.
National scientific document ID:
JR_IJMEC-5-15_008
Indexing date: 16 Farvardin 1395
Abstract:
One of the important components in predicting a credible future for cyber-attacks is the use of the number of attacks. Therefore, any change in the number of attacks will lead to errors in calculating the probabilities. In this paper, the impact of missing alerts on the predictive performance of the Variable Length Markov Model for projecting cyber-attacks is studied. By developing a comprehensive experiment, the impacts of missing alerts on the prediction have been obtained by removing the alerts from different locations of the attack sequence in different states. The results of the experiment show that if the missed alerts are from just one part of the sequence, they cause less change in prediction accuracy, and if the missed alerts are scattered throughout the entire sequence, they cause more change. When the sequence has a smaller symbol space, relatively less change occurs in prediction accuracy, while a larger symbol space causes more change. Overall, the results represent the strengths and weaknesses of the Variable Length Markov Model in projecting cyber-attacks. Based on this error analysis, a network analyst can infer and assess the predictive performance of the Variable Length Markov Model when an intrusion detection system loses some of the alerts. This research is an important step in developing a comprehensive report to assist cyber-attack analysts.
Authors
Kourosh Dadashtabar Ahmadi
Complex of Information and Communications Technology (ICT), Institute for Research on Information fusion (IRIf), Malek-e-Ashtar University of Technology, Tehran, Iran
AliJabar Rashidi
Complex of Information and Communications Technology (ICT), Institute for Research on Information fusion (IRIf), Malek-e-Ashtar University of Technology, Tehran, Iran
Morteza Barari
Complex of Information and Communications Technology (ICT), Institute for Research on Information fusion (IRIf), Malek-e-Ashtar University of Technology, Tehran, Iran