Characterizing and Leveraging Granger Causality in Cybersecurity: Framework and Case Study

Trieu-Do, Van and Garcia-Lebron, Richard and Xu, Maochao and Xu, Shouhuai and Feng, Yusheng (2021) Characterizing and Leveraging Granger Causality in Cybersecurity: Framework and Case Study. EAI Endorsed Transactions on Security and Safety, 7 (25). e4. ISSN 2032-9393

[thumbnail of eai.11-5-2021.169912.pdf]
Available under License Creative Commons Attribution No Derivatives.

Download (7MB) | Preview


Causality is an intriguing concept that once tamed, can have many applications. While having been widely investigated in other domains, its relevance and usefulness in the cybersecurity domain has received little attention. In this paper, we present a systematic investigation of a particular approach to causality, known as Granger causality (G-causality), in cybersecurity. We propose a framework, dubbed Cybersecurity Granger Causality (CGC), for characterizing the presence of G-causality in cyber attack rate time series and for leveraging G-causality to predict (i.e., forecast) cyber attack rates. The framework offers a range of research questions, which can be adopted or adapted to study G-causality in other kinds of cybersecurity time series data. In order to demonstrate the usefulness of CGC, we present a case study by applying it to a particular cyber attack dataset collected at a honeypot. From this case study, we draw a number of insights into the usefulness and limitations of G-causality in the cybersecurity domain.

Item Type: Article
Uncontrolled Keywords: Granger Causality, Causality, Cyber Attack Forecasting, Cyber Attack Rate, Time Series
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
QA75 Electronic computers. Computer science
T Technology > T Technology (General)
Depositing User: EAI Editor IV
Date Deposited: 09 Jul 2021 08:33
Last Modified: 09 Jul 2021 08:33

Actions (login required)

View Item
View Item