Recommender systems meeting security: from product recommendation to cyber-attack prediction

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBNResearchpeer-review

Abstract

Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.
Original languageEnglish
Title of host publicationInternational Conference on Engineering Applications of Neural Networks
Place of PublicationGermany
PublisherSpringer
Pages508-519
Number of pages12
ISBN (Print)9783319651729
DOIs
Publication statusPublished - 2 Aug 2017
EventInternational Conference on Engineering Applications of Neural Networks - Athens, Greece, 25-27 August, 2017
Duration: 2 Aug 2017 → …

Publication series

NameCommunications in Computer and Information Science

Conference

ConferenceInternational Conference on Engineering Applications of Neural Networks
Period2/08/17 → …

Fingerprint

Recommender systems
Supply chains
Information systems

Bibliographical note

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-65172-9_43

Keywords

  • Recommender systems
  • Cyber security
  • Attack graph
  • Exploit
  • Vulnerability
  • Attack prediction
  • Classification

Cite this

Polatidis, N., Pimenidis, E., Pavlidis, M., & Mouratidis, H. (2017). Recommender systems meeting security: from product recommendation to cyber-attack prediction. In International Conference on Engineering Applications of Neural Networks (pp. 508-519). (Communications in Computer and Information Science). Germany: Springer. https://doi.org/10.1007/978-3-319-65172-9_43
Polatidis, Nikolaos ; Pimenidis, Elias ; Pavlidis, Michalis ; Mouratidis, Haralambos. / Recommender systems meeting security: from product recommendation to cyber-attack prediction. International Conference on Engineering Applications of Neural Networks. Germany : Springer, 2017. pp. 508-519 (Communications in Computer and Information Science).
@inproceedings{34ab463906124c5fb187d4c0fc947d2a,
title = "Recommender systems meeting security: from product recommendation to cyber-attack prediction",
abstract = "Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.",
keywords = "Recommender systems, Cyber security, Attack graph, Exploit, Vulnerability, Attack prediction, Classification",
author = "Nikolaos Polatidis and Elias Pimenidis and Michalis Pavlidis and Haralambos Mouratidis",
note = "The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-65172-9_43",
year = "2017",
month = "8",
day = "2",
doi = "10.1007/978-3-319-65172-9_43",
language = "English",
isbn = "9783319651729",
series = "Communications in Computer and Information Science",
publisher = "Springer",
pages = "508--519",
booktitle = "International Conference on Engineering Applications of Neural Networks",

}

Polatidis, N, Pimenidis, E, Pavlidis, M & Mouratidis, H 2017, Recommender systems meeting security: from product recommendation to cyber-attack prediction. in International Conference on Engineering Applications of Neural Networks. Communications in Computer and Information Science, Springer, Germany, pp. 508-519, International Conference on Engineering Applications of Neural Networks, 2/08/17. https://doi.org/10.1007/978-3-319-65172-9_43

Recommender systems meeting security: from product recommendation to cyber-attack prediction. / Polatidis, Nikolaos; Pimenidis, Elias; Pavlidis, Michalis; Mouratidis, Haralambos.

International Conference on Engineering Applications of Neural Networks. Germany : Springer, 2017. p. 508-519 (Communications in Computer and Information Science).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBNResearchpeer-review

TY - GEN

T1 - Recommender systems meeting security: from product recommendation to cyber-attack prediction

AU - Polatidis, Nikolaos

AU - Pimenidis, Elias

AU - Pavlidis, Michalis

AU - Mouratidis, Haralambos

N1 - The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-65172-9_43

PY - 2017/8/2

Y1 - 2017/8/2

N2 - Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.

AB - Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.

KW - Recommender systems

KW - Cyber security

KW - Attack graph

KW - Exploit

KW - Vulnerability

KW - Attack prediction

KW - Classification

U2 - 10.1007/978-3-319-65172-9_43

DO - 10.1007/978-3-319-65172-9_43

M3 - Conference contribution with ISSN or ISBN

SN - 9783319651729

T3 - Communications in Computer and Information Science

SP - 508

EP - 519

BT - International Conference on Engineering Applications of Neural Networks

PB - Springer

CY - Germany

ER -

Polatidis N, Pimenidis E, Pavlidis M, Mouratidis H. Recommender systems meeting security: from product recommendation to cyber-attack prediction. In International Conference on Engineering Applications of Neural Networks. Germany: Springer. 2017. p. 508-519. (Communications in Computer and Information Science). https://doi.org/10.1007/978-3-319-65172-9_43