Polatidis, Nikolaos and Pimenidis, Elias and Pavlidis, Michalis and Papastergiou, Spyridon and Mouratidis, Haralambos (2020) From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks. Evolving Systems, 11 (3). pp. 479-490. DOI https://doi.org/10.1007/s12530-018-9234-z
Polatidis, Nikolaos and Pimenidis, Elias and Pavlidis, Michalis and Papastergiou, Spyridon and Mouratidis, Haralambos (2020) From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks. Evolving Systems, 11 (3). pp. 479-490. DOI https://doi.org/10.1007/s12530-018-9234-z
Polatidis, Nikolaos and Pimenidis, Elias and Pavlidis, Michalis and Papastergiou, Spyridon and Mouratidis, Haralambos (2020) From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks. Evolving Systems, 11 (3). pp. 479-490. DOI https://doi.org/10.1007/s12530-018-9234-z
Abstract
Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks in terms of risk management. The proposed method has been experimentally evaluated and validated, with the results showing that it is both practical and effective.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | Recommender systems; Cyber security; Attack graph generation; Attack prediction; Risk management |
Divisions: | Faculty of Science and Health Faculty of Science and Health > Computer Science and Electronic Engineering, School of |
SWORD Depositor: | Unnamed user with email elements@essex.ac.uk |
Depositing User: | Unnamed user with email elements@essex.ac.uk |
Date Deposited: | 08 Oct 2021 14:14 |
Last Modified: | 23 Sep 2022 19:47 |
URI: | http://repository.essex.ac.uk/id/eprint/31228 |
Available files
Filename: EVOS+2018+CRV.pdf