Analyzing Cyber Attacks and Breaches: A Comprehensive Monitoring Approach

Analyzing cyber incident data sets is a crucial strategy to enhance our understanding of the evolving threat landscape. Although this area of research is relatively new, there is still much ground to cover. In this report, we present a statistical analysis of a data set comprising 12 years of cyber hacking activities, including malware attacks. Contrary to what has been reported in existing literature, we find that both the inter-arrival times of hacking breach incidents and the breach sizes should be modeled using stochastic processes rather than distributions due to their autocorrelations. To address this, we propose specific stochastic process models to appropriately fit the inter-arrival times and breach sizes. Moreover, these models effectively predict both the inter-arrival times and the breach sizes. To gain deeper insights into the patterns of hacking breach incidents, we conduct both qualitative and quantitative trend analyses on the data set. Through this comprehensive approach, we extract valuable cyber security insights. Notably, we observe that the frequency of cyber hacks is indeed increasing over time, indicating a worsening threat scenario. However, interestingly, the extent of the damage caused by these hacks has not shown a corresponding increase. By carefully studying these trends, we aim to contribute to the overall understanding of cyber security threats, helping organizations and researchers develop more effective strategies to protect against evolving cyber-attacks. Our findings highlight the importance of employing stochastic processes for modeling such incidents, and this work paves the way for further research and exploration in this dynamic field.