Global Mapping of Cyber Attacks

32 Pages Posted: 9 Feb 2016

See all articles by Ghita Mezzour

Ghita Mezzour

Carnegie Mellon University - Department of Electrical and Computer Engineering

L. Carley

Carnegie Mellon University - Department of Electrical and Computer Engineering

Kathleen M. Carley

Carnegie Mellon University; Carnegie Mellon University - H. John Heinz III School of Public Policy and Management; Institute for Software Research - Carnegie Mellon University

Date Written: 2014

Abstract

Identifying factors behind countries’ weakness to cyber-attacks is an important step towards addressing these weaknesses at the root level. For example, identifying factors why some countries become cyber-crime safe heavens can inform policy actions about how to reduce the attractiveness of these countries to cyber-criminals. Currently, however, identifying these factors is mostly based on expert opinions and speculations. In this work, we perform an empirical study to statistically test the validity of these opinions and speculations. In our analysis, we use Symantec’s World Intelligence Network Environment (WINE) Intrusion Prevention System (IPS) telemetry data which contain attack reports from more than 10 million customer computers worldwide. We use regression analysis to test for the relevance of multiple factors including monetary and computing resources, cyber-security research and institutions, and corruption.

Our analysis confirms some hypotheses and disproves others. We find that many countries in Eastern Europe extensively host attacking computers because of a combination of good computing infrastructure and high corruption rate. We also find that web attacks and fake applications are most prevalent in rich countries because attacks on these countries are more lucrative. Finally, we find that computers in Africa launch the lowest rates of cyber-attacks. This is surprising given the bad cyber reputation of some African countries such as Nigeria. Our research has many policy implications.

Keywords: intrusion detection, anti-virus, socio-technical factors, cyber security, empirical study

Suggested Citation

Mezzour, Ghita and Carley, L. and Carley, Kathleen M., Global Mapping of Cyber Attacks (2014). Available at SSRN: https://ssrn.com/abstract=2729302 or http://dx.doi.org/10.2139/ssrn.2729302

Ghita Mezzour

Carnegie Mellon University - Department of Electrical and Computer Engineering ( email )

4720 Forbes Avenue
CIC Building, Cylab
Pittsburgh, PA 15213
United States

L. Carley

Carnegie Mellon University - Department of Electrical and Computer Engineering ( email )

4720 Forbes Avenue
CIC Building, Cylab
Pittsburgh, PA 15213
United States

Kathleen M. Carley (Contact Author)

Carnegie Mellon University ( email )

Pittsburgh, PA 15213-3890
United States
412-268-6016 (Phone)

Carnegie Mellon University - H. John Heinz III School of Public Policy and Management ( email )

Pittsburgh, PA 15213-3890
United States

Institute for Software Research - Carnegie Mellon University ( email )

School of Computer Science
5000 Forbes Avenue
Pittsburgh, PA 15213
United States

HOME PAGE: http://isri.cs.cmu.edu/

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
274
Abstract Views
1,064
Rank
203,067
PlumX Metrics