Leveraging Open Threat Exchange (OTX) to Understand Spatio-Temporal Trends of Cyber Threats: Covid-19 Case Study
This work provides insights for cyber threat intelligence and defense strategies, though it is incremental as it applies existing methods to new data.
The study analyzed spatio-temporal trends of cyber threats using data from 160,000 global participants, modeling attack spreading patterns with transition graphs and examining the impact of COVID-19 on threat evolution.
Understanding the properties exhibited by Spatial-temporal evolution of cyber attacks improve cyber threat intelligence. In addition, better understanding on threats patterns is a key feature for cyber threats prevention, detection, and management and for enhancing defenses. In this work, we study different aspects of emerging threats in the wild shared by 160,000 global participants form all industries. First, we perform an exploratory data analysis of the collected cyber threats. We investigate the most targeted countries, most common malwares and the distribution of attacks frequency by localisation. Second, we extract attacks' spreading patterns at country level. We model these behaviors using transition graphs decorated with probabilities of switching from a country to another. Finally, we analyse the extent to which cyber threats have been affected by the COVID-19 outbreak and sanitary measures imposed by governments to prevent the virus from spreading.