A Characterization of Cybersecurity Posture from Network Telescope Data

Data-driven understanding of cybersecurity posture is an important problem that has not been adequately explored. In this paper, we analyze some real data collected by CAIDA's network telescope during the month of March 2013. We propose to formalize the concept of cybersecurity posture from the perspectives of three kinds of time series: the number of victims (i.e., telescope IP addresses that are attacked), the number of attackers that are observed by the telescope, and the number of attacks that are observed by the telescope. Characterizing cybersecurity posture therefore becomes investigating the phenomena and statistical properties exhibited by these time series, and explaining their cybersecurity meanings. For example, we propose the concept of {\em sweep-time}, and show that sweep-time should be modeled by stochastic process, rather than random variable. We report that the number of attackers (and attacks) from a certain country dominates the total number of attackers (and attacks) that are observed by the telescope. We also show that substantially smaller network telescopes might not be as useful as a large telescope

On Residual Lifetimes of k-out-of-n Systems With Nonidentical Components

In this article, mixture representations of survival functions of residual lifetimes of k-out-of-n systems are obtained when the components are independent but not necessarily identically distributed. Then we stochastically compare the residual lifetimes of k-out-of-n systems in one- and two-sample problems. In particular, the results extend some results in Li and Zhao [14], Khaledi and Shaked [13], Sadegh [17], Gurler and Bairamov [7] and Navarro, Balakrishnan, and Samaniego [16]. Applications in the proportional hazard rates model are presented as well

Some Unified Results on Comparing Linear Combinations of Independent Gamma Random Variables

In this paper, a new sufficient condition for comparing linear combinations of independent gamma random variables according to star ordering is given. This unifies some of the newly proved results on this problem. Equivalent characterizations between various stochastic orders are established by utilizing the new condition. The main results in this paper generalize and unify several results in the literature including those of Amiri, Khaledi, and Samaniego [2], Zhao [18], and Kochar and Xu [9]

A Deep Learning Framework for Predicting Cyber Attacks Rates

Like how useful weather forecasting is, the capability of forecasting or predicting cyber threats can never be overestimated. Previous investigations show that cyber attack data exhibits interesting phenomena, such as long-range dependence and high nonlinearity, which impose a particular challenge on modeling and predicting cyber attack rates. Deviating from the statistical approach that is utilized in the literature, in this paper we develop a deep learning framework by utilizing the bi-directional recurrent neural networks with long short-term memory, dubbed BRNN-LSTM. Empirical study shows that BRNN-LSTM achieves a significantly higher prediction accuracy when compared with the statistical approach