Unravelling the Sequential Patterns of Cyber Attacks: A Temporal Analysis of Attack Dependencies

Fares  Ashraf ElSalamony; Nahla Barakat; Ahmad Mostafa

doi:10.5220/0013436500003944

Unravelling the Sequential Patterns of Cyber Attacks: A Temporal Analysis of Attack Dependencies

Fares Ashraf ElSalamony, Nahla Barakat, Ahmad Mostafa

2025

Abstract

Cybersecurity has become increasingly challenging, particularly in understanding and predicting complex attack sequences within network traffic. In this paper, we introduce a new approach for predicting cybersecurity attacks utilizing time series data and transformer architecture, which has achieved the state-of-the-art F1-score for a time series, multiclass problem on the UNSW-NB15 dataset. This is despite earlier studies either considered binary task only (attack/non-attack) or did not deal with the problem as a time series. For the first time, we integrated time series prediction with analysis and visualization methods for detecting possible sequences of cyber-attacks, which were then verified with domain experts. Statistical methods confirmed the significance of the detected sequence, ensuring that these attacks are not random. Our findings revealed the existence of patterns of attack sequences, demonstrating how one attack type often precedes another in predictable patterns. This paper not only fills a critical gap in attack progression modelling but also introduces advanced visualization and analysis that confirm the predictions of the model.

Download

Paper Citation

in Harvard Style

ElSalamony F., Barakat N. and Mostafa A. (2025). Unravelling the Sequential Patterns of Cyber Attacks: A Temporal Analysis of Attack Dependencies. In Proceedings of the 10th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS; ISBN 978-989-758-750-4, SciTePress, pages 394-401. DOI: 10.5220/0013436500003944

in Bibtex Style

@conference{iotbds25,
author={Fares ElSalamony and Nahla Barakat and Ahmad Mostafa},
title={Unravelling the Sequential Patterns of Cyber Attacks: A Temporal Analysis of Attack Dependencies},
booktitle={Proceedings of the 10th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS},
year={2025},
pages={394-401},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013436500003944},
isbn={978-989-758-750-4},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS
TI - Unravelling the Sequential Patterns of Cyber Attacks: A Temporal Analysis of Attack Dependencies
SN - 978-989-758-750-4
AU - ElSalamony F.
AU - Barakat N.
AU - Mostafa A.
PY - 2025
SP - 394
EP - 401
DO - 10.5220/0013436500003944
PB - SciTePress