Causal analysis of attacks against honeypots based on properties of countries

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F61988987%3A17310%2F19%3AA2001ZBW" target="_blank" >RIV/61988987:17310/19:A2001ZBW - isvavai.cz</a>

Výsledek na webu

<a href="https://ieeexplore.ieee.org/abstract/document/8793270" target="_blank" >https://ieeexplore.ieee.org/abstract/document/8793270</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1049/iet-ifs.2018.5141" target="_blank" >10.1049/iet-ifs.2018.5141</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Causal analysis of attacks against honeypots based on properties of countries

Popis výsledku v původním jazyce

This paper studies the influence of country attributes on the number of SSH attacks originating from it detected by the author's honeynet. Four statistical models are described, based on three sources of data from various countries. The studied attributes of the countries can be broadly divided into demographic, technological, and economic, with each source providing a slightly different set of attributes. Statistical methods such as Partial least squares path modeling (PLS-PM) are used, clustering countries by their assessed similarity. The population size has the greatest effect on the number of attacks, as expected, though it has to be noted that developing countries did not provide relevant data to the sources used and thus were not included. The following influential attributes were technical, such as the access to Information and Communication Technologies (ICT), and the use of ICT, with the economic influence being noticeable only in rather small countries. The Netherlands was an interesting anomaly, being clustered alongside large countries, even though its country attributes were very much like those of its neighbours.

Název v anglickém jazyce

Causal analysis of attacks against honeypots based on properties of countries

Popis výsledku anglicky

This paper studies the influence of country attributes on the number of SSH attacks originating from it detected by the author's honeynet. Four statistical models are described, based on three sources of data from various countries. The studied attributes of the countries can be broadly divided into demographic, technological, and economic, with each source providing a slightly different set of attributes. Statistical methods such as Partial least squares path modeling (PLS-PM) are used, clustering countries by their assessed similarity. The population size has the greatest effect on the number of attacks, as expected, though it has to be noted that developing countries did not provide relevant data to the sources used and thus were not included. The following influential attributes were technical, such as the access to Information and Communication Technologies (ICT), and the use of ICT, with the economic influence being noticeable only in rather small countries. The Netherlands was an interesting anomaly, being clustered alongside large countries, even though its country attributes were very much like those of its neighbours.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

IET Information Security

ISSN

1751-8709

e-ISSN

—

Svazek periodika

13

Číslo periodika v rámci svazku

5

Stát vydavatele periodika

GB - Spojené království Velké Británie a Severního Irska

Počet stran výsledku

12

Strana od-do

435-447

Kód UT WoS článku

000479308800004

EID výsledku v databázi Scopus

2-s2.0-85070436353