A. Baldwin
Contagion in cyber security attacks
Baldwin, A.; Gheyas, I.; Ioannidis, C.; Pym, D.; Williams, J.
Authors
I. Gheyas
C. Ioannidis
D. Pym
Professor Julian Williams julian.williams@durham.ac.uk
Head of Department
Abstract
Systems security is essential for the efficient operation of all organizations. Indeed, most large firms employ a designated ‘Chief Information Security Officer’ to coordinate the operational aspects of the organization’s information security. Part of this role is in planning investment responses to information security threats against the firm’s corporate network infrastructure. To this end, we develop and estimate a vector equation system of threats to 10 important IP services, using industry standard SANS data on threats to various components of a firm’s information system over the period January 2003 – February 2011. Our results reveal strong evidence of contagion between such attacks, with attacks on ssh and Secure Web Server indicating increased attack activity on other ports. Security managers who ignore such contagious inter-relationships may underestimate the underlying risk to their systems’ defence of security attributes, such as sensitivity and criticality, and thus delay appropriate information security investments.
Citation
Baldwin, A., Gheyas, I., Ioannidis, C., Pym, D., & Williams, J. (2017). Contagion in cyber security attacks. Journal of the Operational Research Society, 68(7), 780-791. https://doi.org/10.1057/jors.2016.37
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Apr 25, 2016 |
| Online Publication Date | Dec 21, 2017 |
| Publication Date | Jul 1, 2017 |
| Deposit Date | May 4, 2016 |
| Publicly Available Date | Mar 9, 2018 |
| Journal | Journal of the Operational Research Society |
| Print ISSN | 0160-5682 |
| Electronic ISSN | 1476-9360 |
| Publisher | Taylor and Francis Group |
| Peer Reviewed | Peer Reviewed |
| Volume | 68 |
| Issue | 7 |
| Pages | 780-791 |
| DOI | https://doi.org/10.1057/jors.2016.37 |
| Public URL | https://durham-repository.worktribe.com/output/1413311 |
Files
Accepted Journal Article
(797 Kb)
PDF
Copyright Statement
This is a post-peer-review, pre-copyedit version of an article published in Journal of the Operational Research Society. The definitive publisher-authenticated version Baldwin, A., Gheyas, I., Ioannidis, C., Pym, D. & Williams, J. (2017). Contagion in cyber security attacks. Journal of the Operational Research Society, 68(7): 780-791, doi: 10.1057/jors.2016.37 is available online at: https://doi.org/10.1057/jors.2016.37
You might also like
JUNE: open-source individual-based epidemiology simulation
(2021)
Journal Article
The Work-Averse Cyber Attacker Model: Theory and Evidence From Two Million Attack Signatures
(2021)
Journal Article
Testing the Eigenvalue Structure of Spot and Integrated Covariance
(2021)
Journal Article
Downloadable Citations
About Durham Research Online (DRO)
Administrator e-mail: dro.admin@durham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search