The significant recent growth in digitization has been accompanied by a rapid increase in cyber attacks affecting all sectors. Thus, it is fundamental to make a correct assessment of the risk to suffer a cyber attack and of the resulting damage. Quantitative loss data are rarely available, while it is possible to obtain a qualitative evaluation on an ordinal scale of the gravity of an attack from experts of the sector. In this paper, we discuss how network models can be useful instruments for the evaluation of the risk associated to a cyber attack. In particular, we consider Bayesian Networks, Random Forests and Social Networks to study different aspects of the examined problem. Along with the description of the methodology, we examine a real set of data regarding serious cyber attacks occurred worldwide before and during the pandemic due to Covid-19. In the analysis, we also investigate how the Covid-19 period had an impact on the cyber risk landscape in terms of frequency and gravity of the observed attacks.
Facchinetti, S., Osmetti, S. A., Tarantola, C., Network models for cyber attacks evaluation, <<SOCIO-ECONOMIC PLANNING SCIENCES>>, 2023; 87 parte B 101584 (87 parte B 101584): 1-13. [doi:10.1016/j.seps.2023.101584] [https://hdl.handle.net/10807/237675]
Network models for cyber attacks evaluation
Facchinetti, Silvia;Osmetti, Silvia Angela;
2023
Abstract
The significant recent growth in digitization has been accompanied by a rapid increase in cyber attacks affecting all sectors. Thus, it is fundamental to make a correct assessment of the risk to suffer a cyber attack and of the resulting damage. Quantitative loss data are rarely available, while it is possible to obtain a qualitative evaluation on an ordinal scale of the gravity of an attack from experts of the sector. In this paper, we discuss how network models can be useful instruments for the evaluation of the risk associated to a cyber attack. In particular, we consider Bayesian Networks, Random Forests and Social Networks to study different aspects of the examined problem. Along with the description of the methodology, we examine a real set of data regarding serious cyber attacks occurred worldwide before and during the pandemic due to Covid-19. In the analysis, we also investigate how the Covid-19 period had an impact on the cyber risk landscape in terms of frequency and gravity of the observed attacks.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
