Next Article in Journal
Analysis on the Relationship between Eating Behavior, Physical Activities and Youth Obesity: Based on the Korea Youth Risk Behavior Survey for High School Students in 2016~2018
Previous Article in Journal
Privacy Preserving Data Publishing for Multiple Sensitive Attributes Based on Security Level
Previous Article in Special Issue
Smali+: An Operational Semantics for Low-Level Code Generated from Reverse Engineering Android Applications
Open AccessReview

Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects

1
St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, St. Petersburg 199178, Russia
2
Saint Petersburg Electrotechnical University “LETI”, Department of computer science and technology, St. Petersburg 197022, Russia
*
Author to whom correspondence should be addressed.
Information 2020, 11(3), 168; https://doi.org/10.3390/info11030168
Received: 18 February 2020 / Revised: 15 March 2020 / Accepted: 16 March 2020 / Published: 23 March 2020
(This article belongs to the Special Issue Advanced Topics in Systems Safety and Security)
Early detection of the security incidents and correct forecasting of the attack development is the basis for the efficient and timely response to cyber threats. The development of the attack depends on future steps available to the attackers, their goals, and their motivation—that is, the attacker “profile” that defines the malefactor behaviour in the system. Usually, the “attacker profile” is a set of attacker’s attributes—both inner such as motives and skills, and external such as existing financial support and tools used. The definition of the attacker’s profile allows determining the type of the malefactor and the complexity of the countermeasures, and may significantly simplify the attacker attribution process when investigating security incidents. The goal of the paper is to analyze existing techniques of the attacker’s behaviour, the attacker’ profile specifications, and their application for the forecasting of the attack future steps. The implemented analysis allowed outlining the main advantages and limitations of the approaches to attack forecasting and attacker’s profile constructing, existing challenges, and prospects in the area. The approach for attack forecasting implementation is suggested that specifies further research steps and is the basis for the development of an attacker behaviour forecasting technique. View Full-Text
Keywords: cyber attack; attacker; attacker profile; attacker behaviour; metrics; features; attributes; intelligent data analysis; attack forecasting; comparative review cyber attack; attacker; attacker profile; attacker behaviour; metrics; features; attributes; intelligent data analysis; attack forecasting; comparative review
Show Figures

Figure 1

MDPI and ACS Style

Doynikova, E.; Novikova, E.; Kotenko, I. Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects. Information 2020, 11, 168.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop