The reviewed record of science sign in
Pith

arxiv: 2411.12435 · v1 · pith:EJ4WNNQF · submitted 2024-11-19 · cs.CR · cs.LG

STRisk: A Socio-Technical Approach to Assess Hacking Breaches Risk

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:EJ4WNNQFrecord.jsonopen to challenge →

classification cs.CR cs.LG
keywords socialtechnicalorganizationsapproachbestbreachesdimensionfeatures
0
0 comments X
read the original abstract

Data breaches have begun to take on new dimensions and their prediction is becoming of great importance to organizations. Prior work has addressed this issue mainly from a technical perspective and neglected other interfering aspects such as the social media dimension. To fill this gap, we propose STRisk which is a predictive system where we expand the scope of the prediction task by bringing into play the social media dimension. We study over 3800 US organizations including both victim and non-victim organizations. For each organization, we design a profile composed of a variety of externally measured technical indicators and social factors. In addition, to account for unreported incidents, we consider the non-victim sample to be noisy and propose a noise correction approach to correct mislabeled organizations. We then build several machine learning models to predict whether an organization is exposed to experience a hacking breach. By exploiting both technical and social features, we achieve a Area Under Curve (AUC) score exceeding 98%, which is 12% higher than the AUC achieved using only technical features. Furthermore, our feature importance analysis reveals that open ports and expired certificates are the best technical predictors, while spreadability and agreeability are the best social predictors.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.