Identification of Spatio-Temporal Patterns in Cyber Security for Detecting the Signature Identity of Hacker

Balakrishna Gokaraju, University of West Alabama
Rajeev Agrawal, U.S. Army Engineer Research and Development Center
Daniel Adrian Doss, University of West Alabama
Sambit Bhattacharya, Fayetteville State University

Abstract

The internet communication infrastructure, built using various state-of-the-art network topologies, plays a critical role in current economic, societal, and military activities. However, this high-tech infrastructure faces overwhelmingly severe cyber-security challenges on a global scale. Existing theoretical work has focused on understanding the complex topologies of the Internet and on the likelihood of large-scale failures, but has consistently overlooked the possibility that cyberattacks have intrinsic patterns, not only in temporal frequency but also across consecutive IP regions, referred to as geo-spatial coordinates (also referred to as "spatio"). Previous literature favors the non-existence of such patterns because of the complexity of cyberspace. Surprisingly, through a detailed analysis of large spatiotemporal datasets, we would be able to successfully uncover intrinsic 'spatiotemporal patterns' in the underlying cyberattacks. These patterns can uncover the hacker's attack 'fingerprints' and target selection scheme by identifying the very limited number of unique spatiotemporal characteristics over consecutive IP addresses. We will provide the proof of concept and further extend the work towards experimentation with cyber security data.