Researchers over at the University of Michigan claim that cyber attacks follow a pattern that is predictable and to prove their claims they have developed a mathematical model to predict the attacks.
Robert Axelrod, professor of political science and public policy at U-M’s Ford School, and Rumen Iliev, postdoctoral research fellow at the school claim that countries across the globe are stockpiling on novel methods of engaging in cyber warfare including zero-day exploits against select targets. The duo intends to present analyse “optimal timing for the use of such cyber resources.”
According to the researchers, nations who are in possession of these cyber warfare tools including zero-day exploits are faced with decision making as to the optimal time of launching the attacks using these tools. The researchers have developed a “simple mathematical model applied to four case studies to promote the understanding of the new domain of cyber conflict.” These case studies include the Stuxnet attack and attack on energy firm Saudi Aramco.
Researchers have developed two concepts: one is categorised as stealth, which is defined as the ability of exploit to stay undiscovered if it is used; other is categorised as persistence, which is the ability of a vulnerability to stay undiscovered if it isn’t used. The researchers reveal that timing of attacks can be predicted by combined analysis of these two concepts.
Find the paper here.
