All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Using honeynet data and a time series to predict the number of cyber attacks

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F61988987%3A17310%2F21%3AA2202A72" target="_blank" >RIV/61988987:17310/21:A2202A72 - isvavai.cz</a>

  • Result on the web

    <a href="http://www.doiserbia.nb.rs/Article.aspx?ID=1820-02142100040Z" target="_blank" >http://www.doiserbia.nb.rs/Article.aspx?ID=1820-02142100040Z</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.2298/CSIS200715040Z" target="_blank" >10.2298/CSIS200715040Z</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Using honeynet data and a time series to predict the number of cyber attacks

  • Original language description

    A large number of cyber attacks are commonly conducted against home computers, mobile7devices, as well as servers providing various services. One such prominently attacked service, or a pro-8tocol in this case, is the Secure Shell (SSH) used to gain remote access to manage systems. Besides hu-9man attackers, botnets are a major source of attacks on SSH servers. Tools such as honeypots allow an10effective means of recording and analysing such attacks.However, is it also possible to use them to ef-11fectively predict these attacks? The prediction of SSH attacks, specifically the prediction of activity on12certain subjects, such as autonomous systems, will be beneficial to system administrators, internet ser-13vice providers, and CSIRT teams. This article presents multiple methods for using a time series, based14on real-world data,to predict these attacks. It focuses on the overall prediction of attacks on the hon-15eynet and the prediction of attacks from specific geographical regions. Multiple approaches are used,16such as ARIMA, SARIMA, GARCH, and Bootstrapping. The article presents the viability, precision and17usefulness of the individual approaches for various areas of IT security.

  • Czech name

  • Czech description

Classification

  • Type

    J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

  • Continuities

    S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2021

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Name of the periodical

    Computer Science and Information Systems

  • ISSN

    1820-0214

  • e-ISSN

    2406-1018

  • Volume of the periodical

    18

  • Issue of the periodical within the volume

    4

  • Country of publishing house

    RS - THE REPUBLIC OF SERBIA

  • Number of pages

    17

  • Pages from-to

    1197-1217

  • UT code for WoS article

    000718010500006

  • EID of the result in the Scopus database

    2-s2.0-85118940819

Similar results(10)

Analysis and detection of application-independent slow Denial of Service cyber attacksAutomatic analysis of attack data from distributed honeypot networkSecuring Internet Comunication