Universal flux-fluctuation law in small systems

We thank Dr. DeMenezes for providing the microchip data. This work was partially supported by the NSF of China under Grant Nos. 11135001, 11275003. Y.C.L. was supported by ARO under Grant No. W911NF-14-1-0504.Peer reviewedPublisher PD

Emergence of multicluster chimera states

We thank Prof. L. Huang for helpful discussions. This work was partially supported by ARO under Grant No. W911NF-14-1-0504 and by NSF of China under Grant No. 11275003. The visit of NY to Arizona State University was partially sponsored by Prof. Z. Zheng and the State Scholarship Fund of China.Peer reviewedPublisher PD

Multiagent model and mean field theory of complex auction dynamics

Acknowledgements We are grateful to Ms Yinan Zhao for providing the data and to Yuzhong Chen and Cancan Zhou for discussions and suggestions. This work was supported by ARO under Grant No. W911NF-14-1-0504 and by NSFC under Grants Nos. 11275003 and 61174165. The visit of QC to Arizona State University was partially sponsored by the State Scholarship Fund of China.Peer reviewedPublisher PD

Spatiotemporal patterns and predictability of cyberattacks

A relatively unexplored issue in cybersecurity science and engineering is whether there exist intrinsic patterns of cyberattacks. Conventional wisdom favors absence of such patterns due to the overwhelming complexity of the modern cyberspace. Surprisingly, through a detailed analysis of an extensive data set that records the time-dependent frequencies of attacks over a relatively wide range of consecutive IP addresses, we successfully uncover intrinsic spatiotemporal patterns underlying cyberattacks, where the term "spatio" refers to the IP address space. In particular, we focus on analyzing {\em macroscopic} properties of the attack traffic flows and identify two main patterns with distinct spatiotemporal characteristics: deterministic and stochastic. Strikingly, there are very few sets of major attackers committing almost all the attacks, since their attack "fingerprints" and target selection scheme can be unequivocally identified according to the very limited number of unique spatiotemporal characteristics, each of which only exists on a consecutive IP region and differs significantly from the others. We utilize a number of quantitative measures, including the flux-fluctuation law, the Markov state transition probability matrix, and predictability measures, to characterize the attack patterns in a comprehensive manner. A general finding is that the attack patterns possess high degrees of predictability, potentially paving the way to anticipating and, consequently, mitigating or even preventing large-scale cyberattacks using macroscopic approaches