Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 

Identifying cyber risk hotspots: A framework for measuring temporal variance in computer network risk

Awan, Malik Shahzad Kaleem, Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X and Rana, Omer Farooq ORCID: https://orcid.org/0000-0003-3597-2646 2016. Identifying cyber risk hotspots: A framework for measuring temporal variance in computer network risk. Computers and Security 57, pp. 31-46. 10.1016/j.cose.2015.11.003

PDF - Published Version
Available under License Creative Commons Attribution.


Abstract

Modern computer networks generate a significant volume of behavioural system logs on a daily basis. Such networks comprise many computers with Internet connectivity, and many users who access the Web and utilise Cloud services make use of numerous devices connected to the network on an ad-hoc basis. Measuring the risk of cyber attacks and identifying the most recent modus operandi of cyber criminals on large computer networks can be difficult due to the wide range of services and applications running within the network, the multiple vulnerabilities associated with each application, the severity associated with each vulnerability, and the ever-changing attack vector of cyber criminals. In this paper we propose a framework to represent these features, enabling real-time network enumeration and traffic analysis to be carried out, in order to produce quantified measures of risk at specific points in time. We validate the approach using data from a University network, with a data collection consisting of 462,787 instances representing threats measured over a 144-hour period. Our analysis can be generalised to a variety of other contexts.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Computer Science & Informatics
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Uncontrolled Keywords: Cyber attacks; Network traffic analysis; System risk; Risk score; Risk grade; Cyber hotspots; Risk assessment framework
Publisher: Elsevier
ISSN: 0167-4048
Funders: EPSRC
Date of First Compliant Deposit: 19 May 2016
Date of Acceptance: 4 November 2015
Last Modified: 08 May 2023 02:38
URI: https://orca.cardiff.ac.uk/id/eprint/83175

Citation Data

Cited 10 times in Scopus.
