Survey of Attack Projection, Prediction, and Forecasting in Cyber Security

Investor logo

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Institute of Computer Science. Official publication website can be found on muni.cz.
Authors

HUSÁK Martin KOMÁRKOVÁ Jana BOU-HARB Elias ČELEDA Pavel

Year of publication 2019
Type Article in Periodical
Magazine / Source IEEE Communications Surveys & Tutorials
MU Faculty or unit

Institute of Computer Science

Citation
Web https://ieeexplore.ieee.org/document/8470942/
Doi http://dx.doi.org/10.1109/COMST.2018.2871866
Keywords cyber security;intrusion detection;situational awareness;prediction;forecasting;model checking
Attached files
Description This paper provides a survey of prediction, and forecasting methods used in cyber security. Four main tasks are discussed first, attack projection and intention recognition, in which there is a need to predict the next move or the intentions of the attacker, intrusion prediction, in which there is a need to predict upcoming cyber attacks, and network security situation forecasting, in which we project cybersecurity situation in the whole network. Methods and approaches for addressing these tasks often share the theoretical background and are often complementary. In this survey, both methods based on discrete models, such as attack graphs, Bayesian networks, and Markov models, and continuous models, such as time series and grey models, are surveyed, compared, and contrasted. We further discuss machine learning and data mining approaches, that have gained a lot of attention recently and appears promising for such a constantly changing environment, which is cyber security. The survey also focuses on the practical usability of the methods and problems related to their evaluation.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.