Reasoning about future cyber-attacks through socio-technical hacking information

Ericsson Marin, Mohammed Almukaynizi, Paulo Shakarian

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Scopus citations

Abstract

With the widespread occurrence of cyber-attack incidents, cybersecurity has become a major concern for organizations. The waste of time, money and resources while organizations counter irrelevant cyber threats can turn them into the next victim of malicious hackers. In addition, the online hacking community has grown rapidly, making the cyber threat landscape hard to keep track of. In this work, we describe an AI tool that uses a temporal logical framework to learn rules that correlate malicious hacking activity with real-world cyber incidents, aiming to leverage these rules for predicting future cyber-attacks. The framework considers socio-personal and technical indicators of enterprise attacks, analyzing the hackers and their strategies when they are planning cyber offensives online. Our results demonstrate the viability of the proposed approach, which outperforms baseline systems by an average F1 score increase of 138%, 71% and 17% for intervals of 1, 2 and 3 days respectively, providing security teams with mechanisms to predict and avoid cyber-attacks.

Original language: English (US)
Title of host publication: Proceedings - IEEE 31st International Conference on Tools with Artificial Intelligence, ICTAI 2019
Publisher: IEEE Computer Society
Pages: 157-164
Number of pages: 8
ISBN (Electronic): 9781728137988
State: Published - Nov 2019
Event: 31st IEEE International Conference on Tools with Artificial Intelligence, ICTAI 2019 - Portland, United States
Duration: Nov 4 2019 to Nov 6 2019

Publication series

Name: Proceedings - International Conference on Tools with Artificial Intelligence, ICTAI
Volume: 2019-November
ISSN (Print): 1082-3409

Conference

Conference: 31st IEEE International Conference on Tools with Artificial Intelligence, ICTAI 2019
Country/Territory: United States
City: Portland
Period: 11/4/19 to 11/6/19

Keywords

  • AI
  • Cybersecurity
  • Darkweb
  • Temporal Logic

ASJC Scopus subject areas

  • Software
  • Artificial Intelligence
  • Computer Science Applications
