About the journal

• Home page
• Contact information
• Aims and scope
• Indexing information
• Editorial policies
• ComSIS consortium
• Journal boards
• Managing board

For authors

• Information for contributors
• Paper submission
• Article submission through OJS
• Copyright transfer form
• Download section

For readers

• Forthcoming articles
• Current issue
• Archive

For reviewers

• View and review submissions

News

• Journal's Facebook page
• Calls for special issues
• New issue notification

Defining the Attractiveness Concept for Cyber Incidents Forecasting

Javier García-Ochoa¹, Alberto Fernández-Isabel¹, Clara Contreras¹, Rubén R. Fernández¹, Isaac Martín de Diego¹ and Marta Beltrán¹

1. Rey Juan Carlos University Department of Computing, ETSII
   C/ Tulipán, s/n, 28933, Móstoles, Madrid (Spain)
   {javier.garciaochoa, alberto.fernandez.isabel, clara.contreras, ruben.rodriguez, isaac.martin, marta.beltran}@urjc.es

Abstract

Cyber incident forecasting has several applications within the security field, such as attack projection, intention recognition, attack prediction, or situational awareness. One of the main challenges of these issues lies in analysing the proneness of an entity to be attacked by an adversary evaluating the relevance of different target features or behaviours. This paper presents a methodology that defines the Attractiveness concept to address this issue. Attractiveness is the possession of features or the exhibition of behaviours in entities that raise interest for potential adversaries. Thus, the more significant the Attractiveness value is, the greater the proneness of attacking could be considered. The concept is decomposed into three main branches: basal attractiveness (relevance of the entity in the world), online reputation (the opinion of the individuals and the reach of the entity), and potential victimisation (the interest that the entity arouses for potential attackers). Machine Learning (ML) methods in combination with Information Retrieval (IR) and text mining techniques have been proposed to gather relevant information and identify hidden patterns and relations in past security incidents. With this approach, potential targets could reduce their Attractiveness, focusing on those aspects that can be remedied. Alternatively, future risky situations could be predicted to better prepare for proactive protection, detection, and response. The proposal has been validated through several experiments.

Key words

Attractiveness, Cyber incidents, Victimisation, Online reputation, Forecasting

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS250131060G

How to cite

García-Ochoa, J., Fernández-Isabel, A., Contreras, C., Fernández, R. R., Diego, I. M. d., Beltrán, M.: Defining the Attractiveness Concept for Cyber Incidents Forecasting. Computer Science and Information Systems, https://doi.org/10.2298/CSIS250131060G