Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X, Anthi, Eirini, Reineckea, Philipp, Williams, Lowri, Caoa, Fengnian, Aldmoura, Rakan and Jones, Kevin 2024. Mapping automated cyber attack intelligence to context-based impact on system-level goals. Journal of Cybersecurity and Privacy 4 (2) , pp. 340-356. 10.3390/jcp4020017 |
Preview |
PDF
- Published Version
Available under License Creative Commons Attribution. Download (1MB) | Preview |
Abstract
Traditionally, cyber risk assessment considers system-level risk separately from individual component-level risk, i.e., devices, data, people. This separation prevents effective impact assessment where attack intelligence for a specific device can be mapped to its impact on the entire system, leading to cascading failures. Furthermore, risk assessments typically follow a failure or attack perspective, focusing on potential problems, which means they need to be updated as attacks evolve. This approach does not scale to modern digital ecosystems. In this paper, we present a Data Science approach, which involves using machine learning algorithms and statistical models to analyse and predict the impact of cyber attacks. Specifically, this approach integrates automated attack detection on specific devices with a systems view of risk. By mapping operational goals in a top-down manner, we transform attack intelligence on individual components into system success probabilities.
Item Type: | Article |
---|---|
Date Type: | Publication |
Status: | Published |
Schools: | Computer Science & Informatics |
Publisher: | MDPI |
ISSN: | 2624-800X |
Date of First Compliant Deposit: | 3 June 2024 |
Date of Acceptance: | 31 May 2024 |
Last Modified: | 12 Jun 2024 13:29 |
URI: | https://orca.cardiff.ac.uk/id/eprint/169443 |
Actions (repository staff only)
Edit Item |