The Global Cyber-Vulnerability Report | springerprofessional.de

Springer Professional

Top

2015 | Book

Read chapter Read first chapter

The Global Cyber-Vulnerability Report

Authors: V.S. Subrahmanian, Michael Ovelgonne, Tudor Dumitras, Aditya Prakash

Publisher: Springer International Publishing

Book Series : Terrorism, Security, and Computation

Part of: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Login to get access

About this book

This is the first book that uses cyber-vulnerability data to explore the vulnerability of over four million machines per year, covering a two-year period as reported by Symantec. Analyzing more than 20 billion telemetry reports comprising malware and binary reputation reports, this book quantifies the cyber-vulnerability of 44 countries for which at least 500 hosts were monitored.

Chapters explain the context for this data and its impact, along with explaining how the cyber-vulnerability is calculated. This book also contains a detailed summary of the cyber-vulnerability of dozens of nations according to the percentage of infected hosts and number of infections. It identifies relationships between piracy rates, GDP and other country indicators. The book contains detailed information about potential cyber-security policies that 44 countries have announced, as well as an analysis of gaps in cyber-security policies in general.

The Global Cyber-Vulnerability Report targets researchers and professionals including government and military workers, policy-makers and law-makers working in cybersecurity or the web intelligence fields. Advanced-level students in computer science will also find this report valuable as a reference.

Advertisement

Table of Contents

Frontmatter

Chapter 1. Introduction

Abstract

This chapter summarizes the results of a study analyzing 2 years of data provided by Symantec, monitoring over 4M host machines per year and a total of over 20B telemetry reports from these hosts. By focusing on 44 countries for which at least 500 hosts were monitored per year, we are able to provide a comprehensive analysis of the cyber-vulnerability of countries according to two measures: number of attacks per machine in a given country, and percentage of machines in the country that are attacked. We provide an analysis of the cyber-vulnerability of these countries according to these measures, identifying the most vulnerable and the least vulnerable nations from a cyber-vulnerability perspective.

V. S. Subrahmanian, Michael Ovelgönne, Tudor Dumitras, B. Aditya Prakash

Chapter 2. Types of Malware and Malware Distribution Strategies

Abstract

The goal of this chapter is to provide a brief overview of different types of malware that have been used to carry out cyber-attacks. In most cases, we will provide examples of each category of malware. Moreover, malware tends to be distributed in different ways and propagate in different ways. We will briefly explain how such malware propagates through the network. Finally, we will briefly describe a few specific malware attacks that nations may wish to guard against in the future.

V. S. Subrahmanian, Michael Ovelgönne, Tudor Dumitras, B. Aditya Prakash

Chapter 3. Methodology and Measurement

Abstract

Our Global Cyber-Vulnerability Report was created by analyzing over 20 billion telemetry records (both binary reputation and malware reports) during a 2-year period in which we had data on over 4M machines per year. In this chapter, we briefly overview the methodology used in the creation of this report.

V. S. Subrahmanian, Michael Ovelgönne, Tudor Dumitras, B. Aditya Prakash

Chapter 4. Human Behavior and Susceptibility to Cyber-Attacks

Abstract

While human users are often considered to be the weakest link in security systems, the risks associated with their typical day-to-day computing habits are not well understood. Using Symantec’s WINE platform, we conduct a detailed study of 13.7B pieces of malware over a population of 1.6 million machines during an 8-month period in order to learn the relationship between user behavior and cyber-attacks against their personal computers. We classify users into four categories (gamers, professionals, software developers, others plus a fifth category comprising everyone) and identify a total of seven independent variables to study: (i) number of binaries (executables) on a machine, (ii) fraction of low-prevalence binaries on a machine, (iii) fraction of high-prevalence binaries on a machine, (iv) fraction of unique binaries on a machine, (v) fraction of downloaded binaries on a machine, (vi) fraction of unsigned binaries on a machine and (vii) travel history of the machine based on number of ISPs from whom the machine connected to the Internet.

V. S. Subrahmanian, Michael Ovelgönne, Tudor Dumitras, B. Aditya Prakash

Chapter 5. Country by Country Analysis

Abstract

In this chapter, we present a detailed summary of the cyber-vulnerability of each of the 44 countries in our study. We start with a summary of the national cybersecurity strategy for that country. In some cases, the country has not published a national cybersecurity strategy, but most of the 44 countries in our study do have one. For each country, we show the average number of attacks per host, and the percentage of attacked hosts over our 2 year study window. We show the distribution of attack types (viruses, Trojans, worms, spyware, adware, misleading software) and how these attacks vary by month. For comparison, we compare attack types statistics for each country with the corresponding statistics for the entire set of OECD countries as well as the entire set of non-OECD countries.

V. S. Subrahmanian, Michael Ovelgönne, Tudor Dumitras, B. Aditya Prakash

Backmatter

Title: The Global Cyber-Vulnerability Report
Authors: V.S. Subrahmanian
Michael Ovelgonne
Tudor Dumitras
Aditya Prakash
Copyright Year: 2015
Publisher: Springer International Publishing
Electronic ISBN: 978-3-319-25760-0
Print ISBN: 978-3-319-25758-7
DOI: https://doi.org/10.1007/978-3-319-25760-0

Premium Partner