The strength of time series modeling is generally not used in almost all current intrusion detection and prevention systems. By having time series models, system administrators will be able to better plan resource allocation and system readiness to defend against malicious activities. In this paper, we address the knowledge gap by investigating the possible inclusion of a statistical based time series modeling that can be seamlessly integrated into existing cyber defense system. Cyber-attack processes exhibit long range dependence and in order to investigate such properties a new class of Generalized Autoregressive Moving Average (GARMA) can be used. In this paper, GARMA (1, 1; 1, ±) model is fitted to cyber-attack data sets. Two different estimation methods are used. Point forecasts to predict the attack rate possibly hours ahead of time also has been done and the performance of the models and estimation methods are discussed. The investigation of the case-study will confirm that by exploiting the statistical properties, it is possible to predict cyber-attacks (at least in terms of attack rate) with good accuracy. This kind of forecasting capability would provide sufficient early-warning time for defenders to adjust their defense configurations or resource allocations.
Birincil Dil | İngilizce |
---|---|
Bölüm | Research Article |
Yazarlar | |
Yayımlanma Tarihi | 13 Ocak 2015 |
Yayımlandığı Sayı | Yıl 2015 Cilt: 3 Sayı: 1 |