International Journal of Advanced Computer Science and Applications (IJACSA), Volume 11 Issue 2, 2020.
Abstract: With the rapid development of computer networks and information technology, attackers have taken advantage of the situation to launch complicated cyberattacks. These cyberattacks cause many problems for organizations because mitigating them and reducing the infection rate requires effective cyberattack attribution. Cyber Threat Intelligence (CTI) has gained wide coverage from the media due to its capability to provide CTI feeds from various data sources that can be used for cyberattack attribution. In this paper, we study the relationships among basic Indicators of Compromise (IOC) in a network traffic dataset using a data mining approach. The dataset is obtained using a crawler deployed to pull security feeds from Shadowserver. An association analysis method using the Apriori algorithm is then implemented to extract rules that can reveal interesting relationships between large sets of data items. Finally, the extracted rules are evaluated using the interestingness measures of support, confidence and lift to quantify the value of the association rules generated with the Apriori algorithm. By applying the Apriori algorithm to the Shadowserver dataset, we discover association rules among several IOCs that can help attribute the cyberattack.
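The method the abstract describes, as an added Python example that is not the paper's code: a level-wise Apriori search followed by rule extraction scored with support, confidence and lift. The records, the field names (`infection`, `port`, `asn`, `geo`) and the thresholds are constructed assumptions, not values from the Shadowserver dataset.

```python
from itertools import combinations

# Constructed sample records (NOT from the paper's dataset). Each record is a
# set of "field=value" IOC items; the field names are assumptions.
RECORDS = [
    {"infection=botA", "port=445", "asn=AS64500", "geo=MY"},
    {"infection=botA", "port=445", "asn=AS64500", "geo=MY"},
    {"infection=botA", "port=445", "asn=AS64501", "geo=SG"},
    {"infection=botB", "port=80", "asn=AS64500", "geo=MY"},
    {"infection=botB", "port=80", "asn=AS64502", "geo=ID"},
    {"infection=botA", "port=80", "asn=AS64501", "geo=SG"},
]


def support(itemset, records):
    """Fraction of records that contain every item in itemset."""
    return sum(itemset <= r for r in records) / len(records)


def apriori(records, min_support):
    """Return {frozenset: support} for all frequent itemsets."""
    items = {frozenset([i]) for r in records for i in r}
    level = {s for s in items if support(s, records) >= min_support}
    frequent, k = {}, 1
    while level:
        frequent.update({s: support(s, records) for s in level})
        k += 1
        # Join: union pairs of frequent (k-1)-itemsets into k-itemsets.
        candidates = {a | b for a in level for b in level if len(a | b) == k}
        # Prune: every (k-1)-subset must be frequent, then check support.
        level = {c for c in candidates
                 if all(frozenset(s) in frequent for s in combinations(c, k - 1))
                 and support(c, records) >= min_support}
    return frequent


def rules(frequent, min_confidence):
    """Return (antecedent, consequent, support, confidence, lift), best lift first."""
    out = []
    for itemset, supp in frequent.items():
        for n in range(1, len(itemset)):
            for ante in map(frozenset, combinations(itemset, n)):
                cons = itemset - ante
                conf = supp / frequent[ante]          # P(cons | ante)
                if conf >= min_confidence:
                    lift = conf / frequent[cons]      # > 1 means positive association
                    out.append((ante, cons, supp, conf, lift))
    return sorted(out, key=lambda r: -r[4])
```

Calling `rules(apriori(RECORDS, 0.5), 0.8)` on the constructed data keeps the rule `port=445` → `infection=botA` but drops its reverse, because the reverse direction has lower confidence even though both share the same support.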
Md Sahrom Abu, Siti Rahayu Selamat, Robiah Yusof and Aswami Ariffin, “An Attribution of Cyberattack using Association Rule Mining (ARM)”, International Journal of Advanced Computer Science and Applications (IJACSA), 11(2), 2020. http://dx.doi.org/10.14569/IJACSA.2020.0110246
@article{Abu2020,
title = {An Attribution of Cyberattack using Association Rule Mining (ARM)},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2020.0110246},
url = {http://dx.doi.org/10.14569/IJACSA.2020.0110246},
year = {2020},
publisher = {The Science and Information Organization},
volume = {11},
number = {2},
author = {Md Sahrom Abu and Siti Rahayu Selamat and Robiah Yusof and Aswami Ariffin}
}
Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.