Abstract
SummaryProtection of networked computing infrastructures (such as Internet of Things, Industrial Control Systems, and Edge computing) is dependent on the continuous monitoring of interaction between such devices and network/Cloud‐based hosts (especially in Industry 4.0 environments). This real‐time monitoring enables an analyst to quantify evolving and emerging threats to such network infrastructures. A framework for identifying patterns in observed cyberthreats and the use of these patterns for forecasting the growth of an emerging threat to network infrastructure is proposed. This framework enables predicting the maximum threat intensity and the time period over which this maximum intensity is likely to occur. The proposed framework integrates: (a) continuous monitoring of device/network activity, (b) forecasting behavior using exponentially weighted moving averages, (c) utilizing Fibonacci retracement for estimating the potential intensity of a cyberattack, and (d) linear regression for predicting response time for high risk thresholds and a machine learning strategy to predict potential risk over a pre‐defined time window. Using this approach, we can produce time intervals between the forecast and the actual attacks using real‐world network activity data. Our results show an average lead time of around 1.75 hours, providing a window of opportunity to limit the impact of an attack and counter it.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
