cyber intelligence decision support in the era of big...

Post on 12-Aug-2020


Z. MINCHEV, G. DUKOV, T. IVANOVA, K. MIHAYLOV, D. BOYADZHIEV, P. MATEEV, M. BOJKOVA & N. DASKALOVA

SOFIA, BULGARIA, ESGI 113, 18.09.2015

Final Report

*Selected data from the Bulgarian Academy of Sciences Analysis for the WG on Cyber Security Strategy Preparation on behalf of the Council Ministries of the Republic of Bulgaria, July, 2015

Figure legend: 1 – E-Gov Service, 2 – ISP, 3 – Ext Cloud Services, 4 – User, 5 – Hacker, 6 – Botnet

Figure legend: 1 – User, 2 – Hacker, 3 – Cloud Environment, 4 – ISP, 5 – Home Automation Server, 6 – Smart Devices

Figure legend: 1 – Bank System, 2 – Credit Cards Services, 3 – User, 4 – Hacker, 5 – Mobile Comms

Figure legend: Object 1 – User, Object 2 – Hacker, Object 3 – Mobile Bank Service

Figure legend: Object 1 – User, Object 2 – Hacker -> Object 2 !?, Object 3 – Mobile Bank Service

Minchev, 2011

Minimize y

            X12 X13 X14 X15 X21 X23 X24 X25 X31 X32 X34 X35 X41 X42 X43 X45 X51 X52 X53 X54   Y
ObjFunc       0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   1
Variabl      20   0   0   0   0   0   0   0   0   0   0  70   0   0  40   0   0  30   0  40   0

Out1   1  1  0  0  0  0  0  0  1
Out2   0  0  0  0  0  0  0  0  0
Out3   0  0  1  1  1  0  0  0  0
Out4   0  0  0  0  0  1  0  0  1
Out5   0  0  0  0  0  0  1  1  1
In1    0  0  0  0  0  0  0  0  0
In2    1  0  1  0  0  0  1  0  1
In3    0  1  0  0  0  1  0  0  0
In4    0  0  0  1  0  0  0  1  1
In5    0  0  0  0  1  0  0  0  1

Out1   1  1  0  0  0  0  0  0 -1
Out2   0  0  0  0  0  0  0  0  0
Out3   0  0  1  1  1  0  0  0  0
Out4   0  0  0  0  0  1  0  0 -1
Out5   0  0  0  0  0  0  1  1 -1
In1    0  0  0  0  0  0  0  0  0
In2    1  0  1  0  0  0  1  0 -1
In3    0  1  0  0  0  1  0  0  0
In4    0  0  0  1  0  0  0  1 -1
In5    0  0  0  0  1  0  0  0 -1

Lower Bound   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0
Upper Bound 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100

n = n1,…,nk, a = a1,…,ak

nj – total number of requests
aj – number of harmful requests
j = 0,…,k, k – number of arcs in the graph

pj = aj/nj

Beta distribution with its multivariate Dirichlet generalization for multiple events assessing

a posteriori pj ~ Be ((+aj), + (nj-aj))

Risk: P(A) = p; a priori p ~ Be (, )
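The Beta update above, as an added Python example that is not part of the original slides: it applies the conjugate update to per-arc request counts and ranks arcs by the posterior probability that pj exceeds a risk threshold, which separates arcs with the same naive ratio aj/nj but different amounts of evidence. The prior parameter names alpha and beta, the uniform default prior, the 0.10 threshold and the sample counts are assumptions made for this example; only the arc labels and the nj, aj notation come from the slides.

```python
import math

def posterior(alpha, beta, n_j, a_j):
    """Conjugate update of a Be(alpha, beta) prior with a_j harmful of n_j requests."""
    if not 0 <= a_j <= n_j:
        raise ValueError("need 0 <= a_j <= n_j")
    return alpha + a_j, beta + (n_j - a_j)

def beta_log_pdf(x, a, b):
    """Log density of Be(a, b) at 0 < x < 1."""
    return ((a - 1) * math.log(x) + (b - 1) * math.log1p(-x)
            + math.lgamma(a + b) - math.lgamma(a) - math.lgamma(b))

def prob_exceeds(a, b, threshold, steps=5000):
    """P(p > threshold) for p ~ Be(a, b), a, b >= 1, by the midpoint rule."""
    h = (1.0 - threshold) / steps
    xs = (threshold + (i + 0.5) * h for i in range(steps))
    return min(1.0, h * sum(math.exp(beta_log_pdf(x, a, b)) for x in xs))

def assess(arcs, alpha=1.0, beta=1.0, threshold=0.10):
    """Rank arcs by the posterior probability that p_j exceeds the threshold."""
    rows = []
    for arc, (n_j, a_j) in arcs.items():
        a, b = posterior(alpha, beta, n_j, a_j)
        rows.append({
            "arc": arc,
            "naive": a_j / n_j if n_j else None,  # p_j = a_j/n_j, undefined at n_j = 0
            "post_mean": a / (a + b),
            "p_exceeds": prob_exceeds(a, b, threshold),
        })
    return sorted(rows, key=lambda r: r["p_exceeds"], reverse=True)

# Constructed sample counts (n_j, a_j) per arc; not data from the report.
ARCS = {
    "X12": (20, 3),       # naive p_j = 0.15 from few requests
    "X35": (2000, 300),   # naive p_j = 0.15 from many requests
    "X43": (40, 2),
    "X52": (0, 0),        # no traffic observed yet: posterior equals the prior
}

if __name__ == "__main__":
    for r in assess(ARCS):
        print(r)
```

With a uniform prior the unobserved arc X52 keeps a high exceedance probability, so the choice of alpha and beta matters most exactly where traffic is sparse.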

Exploring today's cyber world for multiple cyber threats is a complex task that combines (i) suitable model interpretation, (ii) optimization and (iii) validation (expert- and simulation-based). These three steps have to be adequately interpreted in the big data context, which is rather specific, demanding and fast evolving.

The final objective is to achieve useful decision support and adequate cyber intelligence for meeting the future evolution of the threat/attack landscape.
