Recommender systems meeting security: from product recommendation to cyber-attack prediction

Nikolaos Polatidis; Elias Pimenidis; Michalis Pavlidis; Haralambos Mouratidis

doi:10.1007/978-3-319-65172-9_43

Recommender systems meeting security: from product recommendation to cyber-attack prediction

Nikolaos Polatidis, Elias Pimenidis, Michalis Pavlidis, Haralambos Mouratidis

University of Brighton

Research output: Chapter in Book/Conference proceeding with ISSN or ISBN › Conference contribution with ISSN or ISBN › peer-review

Abstract

Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.

Original language	English
Title of host publication	International Conference on Engineering Applications of Neural Networks
Place of Publication	Germany
Publisher	Springer
Pages	508-519
Number of pages	12
ISBN (Print)	9783319651729
DOIs	https://doi.org/10.1007/978-3-319-65172-9_43
Publication status	Published - 2 Aug 2017
Event	International Conference on Engineering Applications of Neural Networks - Athens, Greece, 25-27 August, 2017 Duration: 2 Aug 2017 → …

Publication series

Name	Communications in Computer and Information Science

Conference

Conference	International Conference on Engineering Applications of Neural Networks
Period	2/08/17 → …

Bibliographical note

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-65172-9_43

Keywords

Recommender systems
Cyber security
Attack graph
Exploit
Vulnerability
Attack prediction
Classification

Access to Document

10.1007/978-3-319-65172-9_43Licence: Unspecified

EANN 2017.pdfAccepted author manuscript, 379 KBLicence: Unspecified

Michalis Pavlidis
- M.Pavlidisbrighton.acuk
- School of Arch, Tech and Eng - Principal Lecturer
- Computing and Mathematical Sciences Research and Enterprise Group
Person: Academic
Nikolaos Polatidis
- N.Polatidisbrighton.acuk
- School of Arch, Tech and Eng - Principal Lecturer
Person: Academic

Cite this

@inproceedings{34ab463906124c5fb187d4c0fc947d2a,

title = "Recommender systems meeting security: from product recommendation to cyber-attack prediction",

abstract = "Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.",

keywords = "Recommender systems, Cyber security, Attack graph, Exploit, Vulnerability, Attack prediction, Classification",

author = "Nikolaos Polatidis and Elias Pimenidis and Michalis Pavlidis and Haralambos Mouratidis",

note = "The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-65172-9_43; International Conference on Engineering Applications of Neural Networks ; Conference date: 02-08-2017",

year = "2017",

month = aug,

day = "2",

doi = "10.1007/978-3-319-65172-9_43",

language = "English",

isbn = "9783319651729",

series = "Communications in Computer and Information Science",

publisher = "Springer",

pages = "508--519",

booktitle = "International Conference on Engineering Applications of Neural Networks",

}

Polatidis, N, Pimenidis, E, Pavlidis, M & Mouratidis, H 2017, Recommender systems meeting security: from product recommendation to cyber-attack prediction. in International Conference on Engineering Applications of Neural Networks. Communications in Computer and Information Science, Springer, Germany, pp. 508-519, International Conference on Engineering Applications of Neural Networks, 2/08/17. https://doi.org/10.1007/978-3-319-65172-9_43

Recommender systems meeting security: from product recommendation to cyber-attack prediction. / Polatidis, Nikolaos; Pimenidis, Elias; Pavlidis, Michalis et al.
International Conference on Engineering Applications of Neural Networks. Germany: Springer, 2017. p. 508-519 (Communications in Computer and Information Science).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBN › Conference contribution with ISSN or ISBN › peer-review

TY - GEN

T1 - Recommender systems meeting security: from product recommendation to cyber-attack prediction

AU - Polatidis, Nikolaos

AU - Pimenidis, Elias

AU - Pavlidis, Michalis

AU - Mouratidis, Haralambos

N1 - The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-65172-9_43

PY - 2017/8/2

Y1 - 2017/8/2

N2 - Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.

AB - Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.

KW - Recommender systems

KW - Cyber security

KW - Attack graph

KW - Exploit

KW - Vulnerability

KW - Attack prediction

KW - Classification

U2 - 10.1007/978-3-319-65172-9_43

DO - 10.1007/978-3-319-65172-9_43

M3 - Conference contribution with ISSN or ISBN

SN - 9783319651729

T3 - Communications in Computer and Information Science

SP - 508

EP - 519

BT - International Conference on Engineering Applications of Neural Networks

PB - Springer

CY - Germany

T2 - International Conference on Engineering Applications of Neural Networks

Y2 - 2 August 2017

ER -

Recommender systems meeting security: from product recommendation to cyber-attack prediction

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Fingerprint

Profiles

Michalis Pavlidis

Nikolaos Polatidis

Cite this