Forecasting Cyber Threats and Pertinent Mitigation Technologies

IF 12.9 1区 管理学 Q1 BUSINESS
Zaid Almahmoud , Paul D. Yoo , Ernesto Damiani , Kim-Kwang Raymond Choo , Chan Yeob Yeun
{"title":"Forecasting Cyber Threats and Pertinent Mitigation Technologies","authors":"Zaid Almahmoud ,&nbsp;Paul D. Yoo ,&nbsp;Ernesto Damiani ,&nbsp;Kim-Kwang Raymond Choo ,&nbsp;Chan Yeob Yeun","doi":"10.1016/j.techfore.2024.123836","DOIUrl":null,"url":null,"abstract":"<div><div>Geopolitical instability is exacerbating the risk of catastrophic cyber-attacks striking where defences are weak. Nevertheless, cyber-attack trend forecasting predominantly relies on human expertise, which is susceptible to subjectivity and potential bias. As a solution, we have recently presented a novel study that harnesses machine learning for long-term cyber-attack forecasting. Building upon this groundwork, our research advances to the next level, by predicting the disparity between cyber-attack trends and the trend of the relevant alleviation technologies. The proposed approach applies key constructs of Protection Motivation Theory while introducing a proactive version of the theory. Our predictive analysis aims to offer strategic insights for the decision of investment in cyber security technologies. It also provides a sound foundation for the strategic decisions of national defence agencies. To achieve this objective, we have expanded our dataset, which now encompasses records spanning 42 distinct cyber-attack types and various related features, alongside data concerning the trends of 98 pertinent technologies, dating back to 2011. The dataset features were meticulously curated from diverse sources, including news articles, blogs, government advisories, as well as from platforms such as Elsevier, Twitter, and Python APIs. With our comprehensive dataset in place, we construct a graph that elucidates the intricate interplay between cyber threats and the development of pertinent alleviation technologies. To forecast the graph, we introduce a novel Bayesian adaptation of a recently proposed graph neural network model, which effectively captures and predicts these trends. We further demonstrate the efficacy of our proposed features in this context. Furthermore, our study extends its horizon by generating future data projections for the next three years, encompassing forecasts for the evolving graph, including predictions of the gap between cyber-attack trends and the trend of the associated technologies. As a consequential outcome of our forecasting efforts, we introduce the concept of “alleviation technologies cycle”, delineating the key phases in the life cycle of 98 technologies. These findings serve as a foundational resource, offering valuable guidance for future investment and strategic defence decisions within the realm of cyber security related technologies.</div></div>","PeriodicalId":48454,"journal":{"name":"Technological Forecasting and Social Change","volume":"210 ","pages":"Article 123836"},"PeriodicalIF":12.9000,"publicationDate":"2024-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Technological Forecasting and Social Change","FirstCategoryId":"91","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0040162524006346","RegionNum":1,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"BUSINESS","Score":null,"Total":0}
引用次数: 0

Abstract

Geopolitical instability is exacerbating the risk of catastrophic cyber-attacks striking where defences are weak. Nevertheless, cyber-attack trend forecasting predominantly relies on human expertise, which is susceptible to subjectivity and potential bias. As a solution, we have recently presented a novel study that harnesses machine learning for long-term cyber-attack forecasting. Building upon this groundwork, our research advances to the next level, by predicting the disparity between cyber-attack trends and the trend of the relevant alleviation technologies. The proposed approach applies key constructs of Protection Motivation Theory while introducing a proactive version of the theory. Our predictive analysis aims to offer strategic insights for the decision of investment in cyber security technologies. It also provides a sound foundation for the strategic decisions of national defence agencies. To achieve this objective, we have expanded our dataset, which now encompasses records spanning 42 distinct cyber-attack types and various related features, alongside data concerning the trends of 98 pertinent technologies, dating back to 2011. The dataset features were meticulously curated from diverse sources, including news articles, blogs, government advisories, as well as from platforms such as Elsevier, Twitter, and Python APIs. With our comprehensive dataset in place, we construct a graph that elucidates the intricate interplay between cyber threats and the development of pertinent alleviation technologies. To forecast the graph, we introduce a novel Bayesian adaptation of a recently proposed graph neural network model, which effectively captures and predicts these trends. We further demonstrate the efficacy of our proposed features in this context. Furthermore, our study extends its horizon by generating future data projections for the next three years, encompassing forecasts for the evolving graph, including predictions of the gap between cyber-attack trends and the trend of the associated technologies. As a consequential outcome of our forecasting efforts, we introduce the concept of “alleviation technologies cycle”, delineating the key phases in the life cycle of 98 technologies. These findings serve as a foundational resource, offering valuable guidance for future investment and strategic defence decisions within the realm of cyber security related technologies.
预测网络威胁和相关缓解技术
地缘政治的不稳定加剧了防御薄弱地区遭受灾难性网络攻击的风险。然而,网络攻击趋势预测主要依赖于人类的专业知识,这很容易受到主观性和潜在偏见的影响。作为解决方案,我们最近提出了一项新颖的研究,利用机器学习进行长期网络攻击预测。在此基础上,我们的研究更上一层楼,预测了网络攻击趋势与相关缓解技术趋势之间的差异。所提出的方法应用了保护动机理论的关键结构,同时引入了该理论的主动版本。我们的预测分析旨在为网络安全技术投资决策提供战略性见解。它还为国防机构的战略决策提供了坚实的基础。为了实现这一目标,我们扩展了数据集,现在包含了 42 种不同的网络攻击类型和各种相关特征的记录,以及 98 种相关技术的趋势数据,可追溯到 2011 年。数据集的特征是从各种来源精心整理而来,包括新闻文章、博客、政府建议,以及爱思唯尔、Twitter 和 Python API 等平台。利用我们的综合数据集,我们构建了一个图表,阐明了网络威胁与相关减缓技术发展之间错综复杂的相互作用。为了预测该图,我们对最近提出的图神经网络模型进行了新颖的贝叶斯调整,从而有效地捕捉和预测了这些趋势。在此背景下,我们进一步证明了我们提出的特征的有效性。此外,我们的研究还扩展了视野,生成了未来三年的数据预测,其中包括对不断变化的图谱的预测,包括对网络攻击趋势与相关技术趋势之间差距的预测。作为预测工作的一项重要成果,我们提出了 "缓解技术周期 "的概念,划分了 98 种技术生命周期的关键阶段。这些发现可作为基础资源,为网络安全相关技术领域的未来投资和战略防御决策提供宝贵指导。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
21.30
自引率
10.80%
发文量
813
期刊介绍: Technological Forecasting and Social Change is a prominent platform for individuals engaged in the methodology and application of technological forecasting and future studies as planning tools, exploring the interconnectedness of social, environmental, and technological factors. In addition to serving as a key forum for these discussions, we offer numerous benefits for authors, including complimentary PDFs, a generous copyright policy, exclusive discounts on Elsevier publications, and more.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信