Identifying the Cyber Attack Origin with Partial Observation: A Linear Regression Based Approach

Mohammed Lalou, Hamamache Kheddouci, Salim A Hariri

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Cyber systems have become ubiquitous and indispensable in our daily life, and the extent of our dependence on them has grown in all fields, including education, business, industry and government. Those systems make intensive use of data and information and are therefore exposed to more potential cyber attacks. The need for reliable approaches to protect them has therefore increased. One of the key elements for guaranteeing the security of cyber systems is to identify the origin (the source) of the attack. In this paper, we describe a new approach to estimate both the source and the start time of a virus outbreak in complex networks (which include cyber systems) using partial information about the diffusion process, obtained by observing only a subset of nodes. Our approach applies a linear regression method to the partially obtained data, based on the fact that a linear correlation is observed between the relative infection time of a node and its effective distance from the source. The experimental results showed that our approach is able to give an estimate of the source and the start time that is, respectively, within a few hops of the actual source and a few time units of the real start time.

Original language: English (US)
Title of host publication: Proceedings - 2017 IEEE 2nd International Workshops on Foundations and Applications of Self* Systems, FAS*W 2017
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 329-333
Number of pages: 5
ISBN (Electronic): 9781509065585
State: Published - Oct 9 2017
Event: 2nd IEEE International Workshops on Foundations and Applications of Self* Systems, FAS*W 2017 - Tucson, United States
Duration: Sep 18 2017 to Sep 22 2017

Other

Other: 2nd IEEE International Workshops on Foundations and Applications of Self* Systems, FAS*W 2017
Country: United States
City: Tucson
Period: 9/18/17 to 9/22/17

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Computational Mechanics


  • Cite this

    Lalou, M., Kheddouci, H., & Hariri, S. A. (2017). Identifying the Cyber Attack Origin with Partial Observation: A Linear Regression Based Approach. In Proceedings - 2017 IEEE 2nd International Workshops on Foundations and Applications of Self* Systems, FAS*W 2017 (pp. 329-333). [8064144] Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/FAS-W.2017.168