A spatio-temporal entropy-based approach for the analysis of cyber attacks (demo paper)

Thibaud Mérien, Xavier Bellekens, David Brosset, Christophe Claramunt

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)
94 Downloads (Pure)

Abstract

Computer networks are ubiquitous systems growing exponentially with a predicted 50 billion devices connected by 2050. This dramatically increases the potential attack surface of Internet networks. A key issue in cyber defense is to detect, categorize and identify these attacks, the way they are propagated and their potential impacts on the systems affected. The research presented in this paper models cyber attacks at large by considering the Internet as a complex system in which attacks are propagated over a network. We model an attack as a path from a source to a target, and where each attack is categorized according to its intention. We setup an experimental testbed with the concept of honeypot that evaluates the spatiotemporal distribution of these Internet attacks. The preliminary results show a series of patterns in space and time that illustrate the potential of the approach, and how cyber attacks can be categorized according to the concept and measure of entropy.
Original languageEnglish
Title of host publicationProceedings of the 26th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems
Place of PublicationSeattle, Washington
PublisherAssociation for Computing Machinery (ACM)
Pages564-567
Number of pages4
ISBN (Electronic)9781450358897
DOIs
Publication statusPublished - 6 Nov 2018
Event26th ACM SIGSPATIAL: International Conference on Advances in Geographic Information Systems - Seattle, United States
Duration: 6 Nov 20189 Nov 2018
http://sigspatial2018.sigspatial.org/

Conference

Conference26th ACM SIGSPATIAL
Abbreviated titleACM SIGSPATIAL 2018
CountryUnited States
CitySeattle
Period6/11/189/11/18
Internet address

Fingerprint Dive into the research topics of 'A spatio-temporal entropy-based approach for the analysis of cyber attacks (demo paper)'. Together they form a unique fingerprint.

  • Cite this

    Mérien, T., Bellekens, X., Brosset, D., & Claramunt, C. (2018). A spatio-temporal entropy-based approach for the analysis of cyber attacks (demo paper). In Proceedings of the 26th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (pp. 564-567). Association for Computing Machinery (ACM). https://doi.org/10.1145/3274895.3274921