Original Articles

Modeling and predicting extreme cyber attack rates via marked point processes

Pages 2534-2563 | Received 04 Jan 2016, Accepted 31 Oct 2016, Published online: 17 Nov 2016

References

  • S. Almotairi, A. Clark, G. Mohay, and J. Zimmermann, Characterization of attackers' activities in honeypot traffic using principal component analysis, Proceedings of the 2008 IFIP International Conference on Network and Parallel Computing, 2008, pp. 147–154.
  • S. Almotairi, A. Clark, G. Mohay, and J. Zimmermann, A technique for detecting new attacks in low-interaction honeypot traffic, Proc. International Conference on Internet Monitoring and Protection, 2009, pp. 7–13.
  • L. Anselin, Spatial Econometrics: Methods And Models, Vol. 4, Springer Science & Business Media, New York, 2013.
  • M. Bailey, E. Cooke, F. Jahanian, A. Myrick, and S. Sinha, Practical darknet measurement, 2006 40th Annual Conference on Information Sciences and Systems, March 2006, pp. 1496–1501.
  • L. Bauwens and P. Giot, The logarithmic ACD model: An application to the bid-ask quote process of three NYSE stocks, Annales d'Economie et de Statistique 60 (2000), pp. 117–149. doi: 10.2307/20076257
  • L. Bauwens, P. Giot, J. Grammig, and D. Veredas, A comparison of financial duration models via density forecasts, Int. J. Forecast. 20 (2004), pp. 589–609. doi: 10.1016/j.ijforecast.2003.09.014
  • V. Chavez-Demoulin, A.C. Davison, and A.J. McNeil, Estimating value-at-risk: A point process approach, Quant. Financ. 5 (2005), pp. 227–234. doi: 10.1080/14697680500039613
  • V. Chavez-Demoulin and J.A. McGill, High-frequency financial data modeling using Hawkes processes, J. Banking Financ. 36 (2012), pp. 3415–3426. doi: 10.1016/j.jbankfin.2012.08.011
  • S.N. Chiu, D. Stoyan, W.S. Kendall, and J. Mecke, Stochastic Geometry and Its Applications, John Wiley & Sons, Hoboken, NJ, 2013.
  • P.F. Christoffersen, Evaluating interval forecasts, Internat. Econom. Rev. 39 (1998), pp. 841–862. doi: 10.2307/2527341
  • A. Christou Micheas, Hierarchical Bayesian modeling of marked non-homogeneous Poisson processes with finite mixtures and inclusion of covariate information, J. Appl. Stat. 41 (2014), pp. 2596–2615. doi: 10.1080/02664763.2014.922167
  • K. C. Claffy, H.-W. Braun, and G. C. Polyzos, A parameterizable methodology for internet traffic flow profiling, IEEE J. Sel. Areas Commun. 13 (1995), pp. 1481–1494. doi: 10.1109/49.464717
  • N. Cressie, Statistics for Spatial Data, Wiley Series in Probability and Statistics, Vol. 15, Wiley-Interscience, New York, 1993, pp. 105–209.
  • A. Dainotti, A. King, K. Claffy, F. Papale, and A. Pescapè, Analysis of a ‘/0’ stealth scan from a botnet, Proceedings of the 2012 ACM Conference on Internet Measurement Conference (IMC'12), 2012, pp. 1–14.
  • D.J. Daley and D. Vere-Jones, An Introduction to the Theory of Point Processes, Vol. 1, 2nd ed., Springer, New York, 2002.
  • D.J. Daley and D. Vere-Jones, An Introduction to the Theory of Point Processes: Volume II: General Theory and Structure, Springer Science & Business Media, New York, 2007.
  • S. Dharmapurikar, P. Krishnamurthy, T. Sproull, and J. Lockwood, Deep packet inspection using parallel bloom filters, Proceedings 11th Symposium on High Performance Interconnects, IEEE, 2003, pp. 44–51.
  • P.J. Diggle, Statistical Analysis of Spatial and Spatio-Temporal Point Patterns, CRC Press, Boca Raton, FL, 2013.
  • T. Dubendorfer and B. Plattner, Host behaviour based early detection of worm outbreaks in internet backbones, Proc. IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise, 2005, pp. 166–171.
  • P. Embrechts, C. Kluppelberg, and T. Mikosch, Modelling Extremal Events for Insurance and Finance, Springer, Berlin, 1997.
  • R.F. Engle and J.R. Russell, Autoregressive conditional duration: A new model for irregularly spaced transaction data, Econometrica (1998), pp. 1127–1162. doi: 10.2307/2999632
  • Y. Gao, Z. Li, and Y. Chen, A DoS resilient flow-level intrusion detection approach for high-speed networks, Proc. IEEE International Conference on Distributed Computing Systems (ICDCS'06), 2006, p. 39.
  • E. Glatz and X. Dimitropoulos, Classifying internet one-way traffic, Proceedings of the 2012 ACM Conference on Internet Measurement Conference (IMC'12), 2012, pp. 37–50.
  • R. Herrera and B. Schipp, Value at risk forecasts by extreme value models in a conditional duration framework, J. Empir. Financ. 23 (2013), pp. 33–47. doi: 10.1016/j.jempfin.2013.05.002
  • A. Hussain, J. Heidemann, and C. Papadopoulos, A framework for classifying denial of service attacks, Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM '03, ACM, New York, NY, USA, 2003, pp. 99–110.
  • J. Illian, A. Penttinen, H. Stoyan, and D. Stoyan, Statistical Analysis and Modelling of Spatial Point Patterns, Vol. 70, John Wiley & Sons, Hoboken, NJ, 2008.
  • A. Karr, Point Processes and their Statistical Inference, Vol. 7, CRC Press, New York, 1991.
  • T. Kumazawa and Y. Ogata, et al. Nonstationary ETAS models for nonstandard earthquakes, Ann. Appl. Stat. 8 (2014), pp. 1825–1852. doi: 10.1214/14-AOAS759
  • F. Lau, S.H. Rubin, M.H. Smith, and L. Trajkovic, Distributed denial of service attacks, IEEE International Conference on Systems, Man, and Cybernetics, 2000, Vol. 3, 2000, pp. 2275–2280.
  • Z. Li, A. Goyal, Y. Chen, and V. Paxson, Towards situational awareness of large-scale Botnet probing events, IEEE Trans. Inf. Forensics Secur. 6 (2011), pp. 175–188. doi: 10.1109/TIFS.2010.2086445
  • C. Livadas, R. Walsh, D. Lapsley, and W. Timothy Strayer, Using machine learning techniques to identify botnet traffic, Proc. IEEE LCN Workshop on Network Security (WoNS'2006), 2006, pp. 967–974.
  • A.J. McNeil, R. Frey, and P. Embrechts, Quantitative Risk Management: Concepts, Techniques, and Tools, Princeton University Press, Princeton, NJ, 2010.
  • T. Mikosch, Modeling dependence and tails of financial time series, Extreme Values in Finance, Telecommunications, and the Environment, 2003, pp. 185–286.
  • D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage, Inferring internet denial-of-service activity, ACM Trans. Comput. Syst. 24 (2006), pp. 115–139. doi: 10.1145/1132026.1132027
  • Y. Ogata, Statistical models for earthquake occurrences and residual analysis for point processes, J. Amer. Statist. Assoc. 83 (1988), pp. 9–27. doi: 10.1080/01621459.1988.10478560
  • Y. Ogata, Space-time point-process models for earthquake occurrences, Ann. Inst. Stat. Math. 50 (1998), pp. 379–402. doi: 10.1023/A:1003403601725
  • S. Resnick, Heavy-Tail Phenomena: Probabilistic and Statistical Modeling, Springer, Ithaca, NY, 2007.
  • F.P. Schoenberg, Multidimensional residual analysis of point process models for earthquake occurrences, J. Amer. Statist. Assoc. 98 (2003), pp. 789–795. doi: 10.1198/016214503000000710
  • O. Thonnard and M. Dacier, A framework for attack patterns' discovery in honeynet data, Digit. Investigation 5 (2008), pp. S128–S139. doi: 10.1016/j.diin.2008.05.012
  • N. Weiler, Honeypots for distributed denial-of-service attacks, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2002. WET ICE 2002, 2002, pp. 109–114.
  • E. Wustrow, M. Karir, M. Bailey, F. Jahanian, and G. Huston, Internet background radiation revisited, Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement, IMC '10, ACM, New York, NY, USA, 2010, pp. 62–74.
  • V. Yegneswaran, P. Barford, and D. Plonka, On the design and use of internet sinks for network abuse monitoring, Recent Advances in Intrusion Detection, Springer, 2004, pp. 146–165.
  • Z. Zhan, M. Xu, and S. Xu, Characterizing honeypot-captured cyber attacks: Statistical framework and case study, IEEE Trans. Inf. Forensics Secur. 8 (2013), pp. 1775–1789. doi: 10.1109/TIFS.2013.2279800
  • Z. Zhan, M. Xu, and S. Xu, Predicting cyber attack rates with extreme values, IEEE Trans. Inf. Forensics Secur. (2015), pp. 1666–1677. doi: 10.1109/TIFS.2015.2422261
  • M.Y. Zhang, J.R. Russell, and R.S. Tsay, A nonlinear autoregressive conditional duration model with applications to financial transaction data, J. Econometrics 104 (2001), pp. 179–207. doi: 10.1016/S0304-4076(01)00063-X
