Reasoning About Future Cyber-Attacks Through Socio-Technical Hacking Information

With the widespread of cyber-attack incidents, cybersecurity has become a major concern for organizations. The waste of time, money and resources while organizations counter irrelevant cyber threats can turn them into the next victim of malicious hackers. In addition, the online hacking community has grown rapidly, making the cyber threat landscape hard to keep track of. In this work, we describe an AI tool that uses a temporal logical framework to learn rules that correlate malicious hacking activity with real-world cyber incidents, aiming to leverage these rules for predicting future cyber-attacks. The framework considers socio-personal and technical indicators of enterprise attacks, analyzing the hackers and their strategies when they are planning cyber offensives online. Our results demonstrate the viability of the proposed approach, which outperforms baseline systems by an average Fl score increase of 138%, 71% and 17% for intervals of 1, 2 and 3 days respectively, providing security teams mechanisms to predict and avoid cyber-attacks.