Abstract
Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks. The proposed method has been experimentally evaluated and it is shown that it is both practical and effective.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Lu, J., Wu, D., Mao, M., Wang, W., Zhang, G.: Recommender system application developments: a survey. Decis. Support Syst. 74, 12–32 (2015)
Polatidis, N., Georgiadis, C.K.: Recommender systems: the importance of personalization on e-business environments. Int. J. E-entrepreneursh. Innov. 4, 32–46 (2013)
Su, X., Khoshgoftaar, T.M.: A survey of collaborative filtering techniques. Adv. Artif. Intell. 2009, 1–19 (2009)
Shams, B., Haratizadeh, S.: TasteMiner: mining partial tastes for neighbor-based collaborative filtering. J. Intell. Inf. Syst. 48, 165–189 (2017)
Wang, W., Zhang, G., Lu, J.: Collaborative filtering with entropy-driven user similarity in recommender systems. Int. J. Intell. Syst. 30, 854–870 (2015)
Liu, H., Hu, Z., Mian, A., Tian, H., Zhu, X.: A new user similarity model to improve the accuracy of collaborative filtering. Knowl.-Based Syst. 56, 156–166 (2014)
Son, L.H.: HU-FCF: a hybrid user-based fuzzy collaborative filtering method in recommender systems. Expert Syst. Appl. 41, 6861–6870 (2014)
Bobadilla, J., Ortega, F., Hernando, A.: A collaborative filtering similarity measure based on singularities. Inf. Process. Manag. 48, 204–217 (2012)
Gan, M., Jiang, R.: Improving accuracy and diversity of personalized recommendation through power law adjustments of user similarities. Decis. Support Syst. 55, 811–821 (2013)
Ortega, F., Sánchez, J.L., Bobadilla, J., Gutiérrez, A.: Improving collaborative filtering-based recommender systems results using Pareto dominance. Inf. Sci. (N.Y.) 239, 50–61 (2013)
Polatidis, N., Georgiadis, C.K.: A multi-level collaborative filtering method that improves recommendations. Expert Syst. Appl. 48, 100–110 (2016)
Polatidis, N., Georgiadis, C.K.: A dynamic multi-level collaborative filtering method for improved recommendations. Comput. Stand. Interfaces 51, 14–21 (2017)
Toledo, R.Y., Mota, Y.C., MartÃnez, L.: Correcting noisy ratings in collaborative recommender systems. Knowl.-Based Syst. 76, 96–108 (2015)
Melville, P., Mooney, R.J., Nagarajan, R.: Content-boosted collaborative filtering for improved recommendations. In: Proceedings 18th National Conference on Artificial Intelligence (AAAI), pp. 187–192 (2002)
Anand, D., Bharadwaj, K.K.: Utilizing various sparsity measures for enhancing accuracy of collaborative recommender systems based on local and global similarities. Expert Syst. Appl. 38, 5101–5109 (2011)
Gan, M.: COUSIN: a network-based regression model for personalized recommendations. Decis. Support Syst. 82, 58–68 (2016)
Gan, M.-X., Sun, L., Jiang, R.: Trinity: walking on a user-object-tag heterogeneous network for personalised recommendations. J. Comput. Sci. Technol. 31, 577–594 (2016)
Xu, B., Bu, J., Chen, C., Cai, D.: An exploration of improving collaborative recommender systems via user-item subgroups. In: Proceedings of 21st International Conference on World Wide Web - WWW 2012, p. 21 (2012)
Ou, X., Singhal, A.: Attack graph techniques. In: Ou, X., Singhal, A. (eds.) Quantitative Security Risk Assessment of Enterprise Networks. SpringerBriefs in Computer Science, pp. 13–23. Springer, New York (2011). doi:10.1007/978-1-4614-1860-3_2
Templeton, S.J., Levitt, K.: A requires/provides model for computer attacks. In: Proceedings of 2000 Workshop on New Security Paradigms - NSPW 2000, pp. 31–38 (2000)
Ning, P., Xu, D.: Learning attack strategies from intrusion alerts. In: Proceedings of the 10th ACM Conference on Computer and Communication Security - CCS 2003, p. 200 (2003)
Ritchey, R.W., Ammann, P.: Using model checking to analyze network vulnerabilities. In: Proceedings 2000 IEEE Symposium on Security and Privacy, S&P 2000, pp. 156–165 (2000)
Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 273–284 (2002)
Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: 13th ACM Conference on Computer and Communications Security, pp. 336–345 (2006)
Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of 9th ACM Conference on Computer and Communication Security - CCS 2002, p. 217 (2002)
Ammann, P., Pamula, J., Ritchey, R., Street, J.: A host-based approach to network attack chaining analysis. In: Proceedings of Annual Computer Security Applications Conference, ACSAC, pp. 72–81 (2005)
Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: Proceedings of Annual Computer Security Applications Conference, ACSAC, pp. 121–130 (2006)
Ingols, K., Chu, M., Lippmann, R., Webster, S., Boyer, S.: Modeling modern network attacks and countermeasures using attack graphs. In: Proceedings of Annual Computer Security Applications Conference, ACSAC, pp. 117–126 (2009)
Kaynar, K., Sivrikaya, F.: Distributed attack graph generation. IEEE Trans. Dependable Secur. Comput. 13, 519–532 (2016)
Xie, A., Zhang, L., Hu, J., Chen, Z.: A probability-based approach to attack graphs generation. In: 2nd International Symposium on Electronic Commerce and Security, ISECS 2009, pp. 343–347 (2009)
Ghosh, N., Ghosh, S.K.: A planner-based approach to generate and analyze minimal attack graph. Appl. Intell. 36, 369–390 (2012)
Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: Proceedings of 1998 Workshop on New Security Paradigms, pp. 71–79 (1998)
Almohri, H.M.J., Watson, L.T., Yao, D., Ou, X.: Security optimization of dynamic networks with probabilistic graph modeling and linear programming. IEEE Trans. Dependable Secur. Comput. 13, 474–487 (2016)
Bi, K., Han, D., Wang, J.: K maximum probability attack paths dynamic generation algorithm. Comput. Sci. Inf. Syst. 13, 677–689 (2016)
Artz, M.L.: NetSPA : a network security planning architecture, pp. 1–97 (2002)
Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using Bayesian attack graphs. IEEE Trans. Dependable Secur. Comput. 9, 61–74 (2012)
Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: a logic-based network security analyzer. In: Proceedings of the 14th Conference on USENIX Security Symposium, vol. 14, p. 8 (2005)
Jajodia, S., Noel, S., O’Berry, B.: Topological analysis of network attack vulnerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats, pp. 247–266. Springer, Heidelberg (2005). doi:10.1007/0-387-24230-9_9
Barik, M.S., Mazumdar, C.: A graph data model for attack graph generation and analysis. In: MartÃnez Pérez, G., Thampi, S.M., Ko, R., Shu, L. (eds.) SNDS 2014. CCIS, vol. 420, pp. 239–250. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54525-2_22
Common Weakness Enumeration, CWE. http://cwe.mitre.org/. Accessed 20 Apr 2017
Common Vulnerabilities and Exposures, CVE. https://cve.mitre.org/. Accessed 20 Apr 2017
Acknowledgement
This work has received funding from The European Union’s Horizon 2020 research and innovation program under grant agreement No. 653212.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Polatidis, N., Pimenidis, E., Pavlidis, M., Mouratidis, H. (2017). Recommender Systems Meeting Security: From Product Recommendation to Cyber-Attack Prediction. In: Boracchi, G., Iliadis, L., Jayne, C., Likas, A. (eds) Engineering Applications of Neural Networks. EANN 2017. Communications in Computer and Information Science, vol 744. Springer, Cham. https://doi.org/10.1007/978-3-319-65172-9_43
Download citation
DOI: https://doi.org/10.1007/978-3-319-65172-9_43
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-65171-2
Online ISBN: 978-3-319-65172-9
eBook Packages: Computer ScienceComputer Science (R0)