Cyber Threat Predictive Analytics for Improving Cyber Supply Chain Security

2021 International Conference on Computing, Computational Modelling and Applications (ICCMA)

Ismail

Swidurski

et al. 2021

Self Cite

Cyberattacks on cyber supply chain (CSC) systems and the cascading impacts have brought many challenges and different threat levels with unpredictable consequences. The embedded networks nodes have various loopholes that could be exploited by the threat actors leading to various attacks, risks, and the threat of cascading attacks on the various systems. Key factors such as lack of common ontology vocabulary and semantic interoperability of cyberattack information, inadequate conceptualized ontology learning and hierarchical approach to representing the relationships in the CSC security domain has led to explicit knowledge representation. This paper explores cyberattack ontology learning to describe security concepts, properties and the relationships required to model security goal. Cyberattack ontology provides a semantic mapping between different organizational and vendor security goals has been inherently challenging. The contributions of this paper are threefold. First, we consider CSC security modelling such as goal, actor, attack, TTP, and requirements using semantic rules for logical representation. Secondly, we model a cyberattack ontology for semantic mapping and knowledge representation. Finally, we discuss concepts for threat intelligence and knowledge reuse. The results show that the cyberattack ontology concepts could be used to improve CSC security.

Section: Methodsmentioning

confidence: 99%

Cyberattack Ontology: A Knowledge Representation for Cyber Supply Chain Security

2021 International Conference on Computing, Computational Modelling and Applications (ICCMA)

Ismail

Swidurski

et al. 2021

Self Cite

“…The results from the feature distribution show that the cyber digital systems are prone to ransomware and malware attacks if there are no antivirus updates on the system. Furthermore, a 10-Fold cross validation was used to run each algorithm ten times for best results [19], [20]. Moreover, its precisions can predict correct instances, provide a harmonic mean for precision, recall and F-score.…”

Section: Machine Learning Predictionmentioning

confidence: 99%

“…Binary classification is used to support AUC-ROC to distinguish between the probabilities of the given classes.The optimization algorithm identifies each data object's major features or class level during training and testing. Furthermore, a 10-Fold cross validation was used to run each algorithm ten times for best results[19],[20]. Moreover, its precisions can predict correct instances, provide a harmonic mean for precision, recall and F-score.…”

mentioning

confidence: 99%

Cyber resilience in supply chain system security using machine learning for threat predictions

Swart

Opoku-Boateng

et al. 2022

CRR

Self Cite

PurposeCyber resilience in cyber supply chain (CSC) systems security has become inevitable as attacks, risks and vulnerabilities increase in real-time critical infrastructure systems with little time for system failures. Cyber resilience approaches ensure the ability of a supply chain system to prepare, absorb, recover and adapt to adverse effects in the complex CPS environment. However, threats within the CSC context can pose a severe disruption to the overall business continuity. The paper aims to use machine learning (ML) techniques to predict threats on cyber supply chain systems, improve cyber resilience that focuses on critical assets and reduce the attack surface.Design/methodology/approachThe approach follows two main cyber resilience design principles that focus on common critical assets and reduce the attack surface for this purpose. ML techniques are applied to various classification algorithms to learn a dataset for performance accuracies and threats predictions based on the CSC resilience design principles. The critical assets include Cyber Digital, Cyber Physical and physical elements. We consider Logistic Regression, Decision Tree, Naïve Bayes and Random Forest classification algorithms in a Majority Voting to predicate the results. Finally, we mapped the threats with known attacks for inferences to improve resilience on the critical assets.FindingsThe paper contributes to CSC system resilience based on the understanding and prediction of the threats. The result shows a 70% performance accuracy for the threat prediction with cyber resilience design principles that focus on critical assets and controls and reduce the threat.Research limitations/implicationsTherefore, there is a need to understand and predicate the threat so that appropriate control actions can ensure system resilience. However, due to the invincibility and dynamic nature of cyber attacks, there are limited controls and attributions. This poses serious implications for cyber supply chain systems and its cascading impacts.Practical implicationsML techniques are used on a dataset to analyse and predict the threats based on the CSC resilience design principles.Social implicationsThere are no social implications rather it has serious implications for organizations and third-party vendors.Originality/valueThe originality of the paper lies in the fact that cyber resilience design principles that focus on common critical assets are used including Cyber Digital, Cyber Physical and physical elements to determine the attack surface. ML techniques are applied to various classification algorithms to learn a dataset for performance accuracies and threats predictions based on the CSC resilience design principles to reduce the attack surface for this purpose.

“…The overall features were 64. We extracted 38 features in the primary data relevant to the attack profile [26] [27].…”

Section: Adversarial ML Attack Modellingmentioning

confidence: 99%

Cyber Threat Ontology and Adversarial Machine Learning Attacks: Analysis and Prediction Perturbance

2021 International Conference on Computing, Computational Modelling and Applications (ICCMA)

Ismail

Swidurski

et al. 2021

Self Cite

Machine learning has been used in the cybersecurity domain to predict cyberattack trends. However, adversaries can inject malicious data into the dataset during training and testing to cause perturbance and predict false narratives. It has become challenging to analyse and predicate cyberattack correlations due to their fuzzy nature and lack of understanding of the threat landscape. Thus, it is imperative to use cyber threat ontology (CTO) concepts to extract relevant attack instances in CSC security for knowledge representation. This paper explores the challenges of CTO and adversarial machine learning (AML) attacks for threat prediction to improve cybersecurity. The novelty contributions are threefold. First, CTO concepts are considered for semantic mapping and definition of relationships for explicit knowledge of threat indicators. Secondly, AML techniques are deployed maliciously to manipulate algorithms during training and testing to predict false classifications models. Finally, we discuss the performance analysis of the classification models and how CTO provides automated means. The result shows that analysis of AML attacks and CTO concepts could be used for validating a mediated schema for specific vulnerabilities.