Cyberthreat Alerts

Title

Correlation and Dependence Analysis on Cyberthreat Alerts 

Abstract

In this paper, a methodology for the enhancement of computer networks’ cyber-defense is presented. Using a time-series dataset, drawn for a 60-day period and for 12 hours per day and depicting the occurrences of cyberthreat alerts at hourly intervals, the correlation and dependency coefficients that occur in an organization’s network between different types of cyberthreat alerts are determined. Certain mathematical methods like the Spearman correlation coefficient and the Poisson regression stochastic model are used. For certain types of cyberthreat alerts, results show a significant positive correlation and dependence between them. The analysis methodology presented could help the administrative and IT managers of an organization to implement organizational policies for cybersecurity.

Keywords

Correlations, cyberattacks, dependencies, network, time series

Author

 John M.A. Bothos 
(National Centre for Scientific Research "Demokritos", Greece)

John M.A. Bothos is an economist, holding a BSc degree in economics and an MSc diploma in applied economics from Panteion University for Social and Political Sciences of Athens, Greece. He has professional experience in econometric modelling and in project management. His main field of expertise is quantitative applied economic and social research with the use of mathematical analysis methodologies (algebra, differential and integration calculus, statistics, stochastic processes). His scientific interests concern the academic field of empirical applied research regarding the relations between economic and social variables that represent and describe economic and social phenomena and respective conditions of the socioeconomic environment.

 Konstantinos-Georgios Thanos 
(National Centre for Scientific Research "Demokritos", Greece)

Konstantinos-Georgios Thanos holds a diploma in physics and an MSc degree in Electronic Automation, with honors from the National and Kapodistrian University of Athens (UOA). Mr Thanos has working experience in software development regarding human gesture modeling and categorizations, intelligent systems and Automation Control. He has participated in EU funded research projects, concerning AI components in security surveillance frameworks, data mining and analytics from web media platforms. Currently he is a research associate in the Integrated Systems Laboratory (ISL) in NCSR “Demokritos” and PhD candidate in National and Technical University of Athens (NTUA). His research interests include human decision modeling, context-based recommender systems, collaborative filtering algorithms, computational intelligence and especially agent-based models and cognitive architectures.

 Dimitris M. Kyriazanos
(National Centre for Scientific Research "Demokritos", Greece)

Dr. Dimitris M. Kyriazanos holds a PhD Degree in Privacy and Security Management of Personal Communication Systems and a Dipl.-Ing. Degree in Electrical and Computer Eng. from NTUA, Greece. He is a Senior Research Associate in the Institute of Informatics and Telecommunications of NCSR Demokritos in Athens, Greece, where he was recently elected Research Assistant Professor. His research interests include integrated security management and command and control systems, risk based security, automated decision making, indoor location based services, data fusion, data protection and PETs, privacy and ethics by design and other topics. He has extensive research work in the context of EC Research projects, having participated in more than 14 successfully completed projects since FP6, contributing to the development of a wide range of innovative prototype security management systems, applications and services, while publishing the results of his work in scientific journals and international conferences. He is an active member of the European and international community of researchers, professionals and end users working jointly in the area of secure and resilient societies, participating in bodies, working groups and advisory boards as a known expert in the area. He currently coordinates H2020 FLYSEC project, a research and innovation action focusing on risk based security approach for airport security checkpoints.

George Vardoulias
(National Centre for Scientific Research "Demokritos", Greece)

Dr. George Vardoulias holds a Diploma in Electronic and Computer Engineering from the National Technical University of Athens, Greece (1997), and a Ph.D. degree from the University of Edinburgh, Scotland (2000). He has worked in Motorola Semiconductor Product Sector Ltd. U.K., Vodafone Greece and Forthnet-Nova, Greece, as a Lecturer of Telecommunication Systems in the Hellenic Naval Academy and as a senior Researcher in the Greek National Centre for Scientific Research “Demokritos”. He has participated in numerous EU-funded research projects in the areas of telecommunications and security. His research interests include: applications of Digital Signal Processing in various fields including Predictive Maintenance and Geophysics, Software-Defined Radio technology, Spread Spectrum systems and synchronization techniques, Inverse Problem Theory and Methods.

Andreas Zalonis 
(National Centre for Scientific Research "Demokritos", Greece)

Dr. Andreas Zalonis holds a BSc degree in Physics, an MSc degree in Electronics and Telecommunications, and a PhD degree in Wireless Communication Systems from National Kapodistrian University of Athens (NKUA), Greece. He has significant experience in multi-tier cellular communication systems and standards, heterogeneous and cognitive radio systems. Since 2003 he has participated as R&D project manager, work-package coordinator, and researcher in several EU research projects (FP5, FP6, FP7, H2020) in the areas of wireless communications, security and cyber security systems. From 2003 to 2015 he was with the Institute of Accelerating Systems and Applications at NKUA. Since 2015 he works as R&D project manager at the Institute of Informatics and Telecommunications, at National Center for Scientific Research "Demokritos" in Athens, Greece.

Eirini Papadopoulou
(National Centre for Scientific Research "Demokritos", Greece)

Eirini Papadopoulou is a graduate of Athens University of Economics and Business and holds a Master in Marketing of Dublin City University. She has lived, studied and worked abroad: 2004 Belgium (Antwerp) and 2006-2009 Ireland (Dublin). Her work experience focuses on marketing, digital marketing, advertising, social media, analytics and event coordination. Since 2014 she has been involved in various European Funded projects as a Marketing Associate Researcher for the Integrated Systems Laboratory of the Institute of Informatics and Telecommunications of the National Center for Scientific Research "Demokritos" in Athens, Greece. She has undertaken dissemination tasks and activities related to projects such as Perseus & AF3 (FP7), SAINT & Marine-EO PCP (Horizon 2020).  She has a great interest in business, branding, ethics and green marketing. She is a member of the Greek Marketing Academy.

Yannis Corovesis
(National Centre for Scientific Research "Demokritos", Greece)

Dr. Yannis Corovesis received his BA degree in Mathematics from the University of Essex in 1977 and PhD in Computer Science from the University of St. Andrews in 1983. Since 1985 he has been a member of the technical research staff of NCSR Demokritos Computer Center and he is the director of the Campus Network Infrastructure since 1999. Pioneered Networking R&D in Greece in mid 80s, co-founded the National Research Education Network (NREN) and OTENET, one of the first ISPs in Greece. Initiated network labs in Universities in early 90s and focused on Network Security threats in early 2000s using Opensource tools and methods, participating in Honeynet Research Alliance (2001-2007). He has extensive experience with EU R&D programs EUREKA, VALUE II, ACTS, IST, FP6, FP7 and has also consulted for DGXIII of EU and for the Internet Industry in Greece. Contributed to the first published book on Internet: “Getting Started with SRI International” (1992) and to the book “KNOW YOUR ENEMY”, a publication of the Honeynet Research Alliance about Internet attacks (2004). He collaborates in the area of Security and Opensource with GRNET the National Research and Education Network, the Ministry of Defense and ENISA and with the Research Labs in the Institute of Informatics and Telecommunications. He was a member of the OPENGOV team in Prime Minister's Office during 2010-2011. His current interests are Network Architecture and Security.

Stelios C.A. Thomopoulos
(National Centre for Scientific Research "Demokritos", Greece)

Dr. Stelios C. A. Thomopoulos (BS ’78 NTUA Greece, MS ’81 & PhD ’83 SUNYAB USA) is the Director of the Institute of Informatics & Telecommunications at National Center for Scientific Research “Demokritos,” Director of Research and Head of the Integrated Systems Laboratory (ISL). He has served as faculty of Electrical Engineering at Penn State and Southern Illinois Universities. Founder of Intelnet Inc. in USA, he is credited with over 250 publications, over 2500 citations, and the US Patent No. 5,978,495 for the design and implementation of a fingerprint recognition system. He participated in numerous US, EU and nationally funded projects and as a premier consultant and advisor to the US Air Force Predetection Fusion Program. He has led or participated in over 47 research projects, totaling over 124 million Euro in total funding from European, Greece and USA, including the FP7 flagship projects OPTITRANS and PERSEUS. He has been consulting for the government and private industry in the US, France and Greece. His Generalized Evidence Processing (GEP) theory has been cited in all three most recent books on Data Fusion and his Sensor Fusion theory as one of the fundamental theories in sensor networks by the NIST (National Institute of Standards & Technology wireless communication technologies group). From 2002-2004 he served as the first representative of Greece in the ESA ARTES program.