From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks
- PDF / 1,138,058 Bytes
- 12 Pages / 595.276 x 790.866 pts Page_size
- 60 Downloads / 184 Views
ORIGINAL PAPER
From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks Nikolaos Polatidis1 · Elias Pimenidis2 · Michalis Pavlidis1 · Spyridon Papastergiou3 · Haralambos Mouratidis1 Received: 3 January 2018 / Accepted: 13 May 2018 © Springer-Verlag GmbH Germany, part of Springer Nature 2018
Abstract Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks in terms of risk management. The proposed method has been experimentally evaluated and validated, with the results showing that it is both practical and effective. Keywords Recommender systems · Cyber security · Attack graph generation · Attack prediction · Risk management
1 Introduction Recommender systems are decision support systems available on the web to assist users in the selection of item or service selection in online domains. In doing so recommender systems assist users in overcoming the information overload problem (Lu et al. 2015; Polatidis and Georgiadis 2013). Collaborative filtering (CF) is the most widely used * Nikolaos Polatidis [email protected] Elias Pimenidis [email protected] Michalis Pavlidis [email protected] Spyridon Papastergiou [email protected] Haralambos Mouratidis [email protected] 1
School of Computing, Engineering and Mathematics, University of Brighton, Brighton BN2 4GJ, UK
2
Department of Computer Science and Creative Technologies, University of the West of England, Bristol BS16 1QY, UK
3
Department of Informatics, University of Piraeus, 18534 Piraeus, Greece
method for providing personalized recommendations. In CF systems, a database of user submitted ratings is used and the generated recommendations are generated on how much a user will like an unrated item based on previous common rated items. Thus, the recommendation process is based on assumptions about previous rating agreements and if these agreements will be maintained in the future. In addition, the ratings are used to create an n x m matrix with user ids, item ids and ratings, with an example of such a matrix shown in Table 1. This database has four users and four items with values from 1 to 5. The matrix is used as input when a
Data Loading...
