FORECASTING INFORMATION TRENDS CYBERATTACKS AS A TOOL FOR COUNTERING VULNERABILITIES IN THE ECONOMY
Abstract
This article is devoted to the issue of forecasting information trends of cyberattacks using the construction of autoregression models. The study's results will contribute to forming a strategy for countering cybercrimes at the macro level, reducing the impact of their negative consequences on development and the emergence of vulnerabilities in economic processes. Calculations were made based on Google Trends data for three types of cyber attacks related to social engineering, DoS attacks and attacks on user passwords. The data set was created from January 28, 2018, to January 22, 2023. Calculations were performed using the Python programming language. The process of forecasting consisted of the implementation of several preliminary tests, the construction of forecast models and their verification. Conducted Jarque–Bera test and analysis of distribution histograms for each data series established the necessity of logarithmizing the series of social engineering and attacks on user passwords. The extended Dickey–Fuller test confirmed the stationarity of the social engineering and DoS attacks. The time series of attacks on user passwords is non-stationary, so it will be integrated with the simulation process. The decomposition of trends revealed the presence of a seasonal component for social engineering and attacks on user passwords with lag 52. As a result, an ARMA model with autoregression and moving average components was built for DoS attacks, and SARIMA with seasonal and autoregressive elements for other series. The models were constructed iteratively based on analysing AIC, BIC and HQIC information criteria. As a result, those with the best values were selected. The residuals and forecast verification tests revealed a satisfactory model for DoS-attacks, social engineering – high level, although with the presence of autocorrelation of the residuals due to the seasonal component, for attacks on user passwords – high level, but with the presence of heteroscedasticity of the residuals, which requires further modification of the model. Although the prediction results turned out to be ambiguous, the constructed models can be used to predict cybercrimes related to DoS attacks and social engineering.
References
Kokaji A., Goto A. An analysis of economic losses from cyberattacks: based on input–output model and production function. Journal of Economic Structures. 2022. Vol. 11, № 1. Art. num. 34. DOI: https://doi.org/10.1186/s40008-022-00286-4
Tian S., Zhao B., Olivares R.O. Cybersecurity risks and central banks’ sentiment on central bank digital currency: Evidence from global cyberattacks. Finance Research Letters. 2023. Vol. 53. Art. num. 103609. DOI: https://doi.org/10.1016/j.frl.2022.103609
Klumpes P. Coordination of cybersecurity risk management in the U.K. insurance sector. Geneva Papers on Risk and Insurance: Issues and Practice. 2023. Vol. 48, № 2. P. 332–371. DOI: https://doi.org/10.1057/s41288-023-00287-9
Heymann F., Henry S., Galus M. Cybersecurity and resilience in the swiss electricity sector: Status and policy options. Utilities Policy. 2022. Vol. 79. Art. num. 101432. DOI: https://doi.org/10.1016/j.jup.2022.101432
Gafni R., Pavel T. Cyberattacks against the health-care sectors during the COVID-19 pandemic. Information and Computer Security. 2022. Vol. 30, № 1. P. 137–150. DOI: https://doi.org/10.1108/ICS-05-2021-0059
Kirimhan D. Importance of anti-money laundering regulations among prosumers for a cybersecure decentralized finance. Journal of Business Research. 2023. Vol. 157. Art. num. 113558. DOI: https://doi.org/10.1016/j.jbusres.2022.113558
Paraskevas A. Cybersecurity in travel and tourism: a risk-based approach. In Handbook of e-Tourism. Cham: Springer International Publishing, 2022. P. 1605–1628.
Punt E., Monstadt J., Frank S., Witte P. Navigating cyber resilience in seaports: challenges of preparing for cyberattacks at the Port of Rotterdam. Digital Policy, Regulation and Governance. 2023. In press. DOI: https://doi.org/10.1108/DPRG-12-2022-0150
Baliker C., Baza M., Alourani A., Alshehri A., Alshahrani H., Choo K.R. On the Applications of Blockchain in FinTech: Advancements and Opportunities. IEEE Transactions on Engineering Management. 2023. P. 1–18. In press. DOI: https://doi.org/10.1109/TEM.2022.3231057
Fan S., Yang Z. Safety and security co-analysis in transport systems: Current state and regulatory development. Transportation Research Part A: Policy and Practice. 2022. Vol. 166. P. 369–388. DOI: https://doi.org/10.1016/j.tra.2022.11.005
Sánchez M.A., De Batista M. Business continuity for times of vulnerability: Empirical evidence. Journal of Contingencies and Crisis Management. 2023. In press. DOI: https://doi.org/10.1111/1468-5973.12449
Crosignani M., Macchiavelli M., Silva A.F. Pirates without borders: The propagation of cyberattacks through firms’ supply chains. Journal of Financial Economics. 2023. Vol. 147, № 2. P. 432–448. DOI: https://doi.org/10.1016/j.jfineco.2022.12.002
Kokaji, A., & Goto, A. (2022). An analysis of economic losses from cyberattacks: based on input–output model and production function. Journal of Economic Structures, 11(1), 34. DOI: https://doi.org/10.1186/s40008-022-00286-4
Tian, S., Zhao, B., & Olivares, R.O. (2023). Cybersecurity risks and central banks’ sentiment on central bank digital currency: Evidence from global cyberattacks. Finance Research Letters, 53,103609. DOI: https://doi.org/10.1016/j.frl.2022.103609
Klumpes, P. (2023). Coordination of cybersecurity risk management in the U.K. insurance sector. Geneva Papers on Risk and Insurance: Issues and Practice, 48(2), 332–371. DOI: https://doi.org/10.1057/s41288-023-00287-9
Heymann, F., Henry, S., & Galus, M. (2022). Cybersecurity and resilience in the swiss electricity sector: Status and policy options. Utilities Policy, 79, 101432. DOI: https://doi.org/10.1016/j.jup.2022.101432
Gafni, R., & Pavel, T. (2022). Cyberattacks against the health-care sectors during the COVID-19 pandemic. Information and Computer Security, 30(1), 137–150. DOI: https://doi.org/10.1108/ICS-05-2021-0059
Kirimhan, D. (2023). Importance of anti-money laundering regulations among prosumers for a cybersecure decentralized finance. Journal of Business Research, 157, 113558. DOI: https://doi.org/10.1016/j.jbusres.2022.113558
Paraskevas, A. (2022). Cybersecurity in travel and tourism: a risk-based approach. In Handbook of e-Tourism (pp. 1605–1628). Cham: Springer International Publishing.
Punt, E., Monstadt, J., Frank, S., & Witte, P. (2023). Navigating cyber resilience in seaports: challenges of preparing for cyberattacks at the Port of Rotterdam. Digital Policy, Regulation and Governance, in press. DOI: https://doi.org/10.1108/DPRG-12-2022-0150
Baliker, C., Baza, M., Alourani, A., Alshehri, A., Alshahrani, H., & Choo, K.R. (2023). On the Applications of Blockchain in FinTech: Advancements and Opportunities. IEEE Transactions on Engineering Management, 1-18, in press. DOI: https://doi.org/10.1109/TEM.2022.3231057
Fan, S., & Yang, Z. (2022). Safety and security co-analysis in transport systems: Current state and regulatory development. Transportation Research Part A: Policy and Practice, 166, 369–388. DOI: https://doi.org/10.1016/j.tra.2022.11.005
Sánchez, M.A., & De Batista, M. (2023). Business continuity for times of vulnerability: Empirical evidence. Journal of Contingencies and Crisis Management, in press. DOI: https://doi.org/10.1111/1468-5973.12449
Crosignani, M., Macchiavelli, M., & Silva, A.F. (2023). Pirates without borders: The propagation of cyberattacks through firms’ supply chains. Journal of Financial Economics, 147(2), 432–448. DOI: https://doi.org/10.1016/j.jfineco.2022.12.002
This work is licensed under a Creative Commons Attribution 4.0 International License.
