{"id":"https://openalex.org/W2735579428","doi":"https://doi.org/10.1093/cybsec/tyy007","title":"Malware in the future? Forecasting of analyst detection of cyber events","display_name":"Malware in the future? Forecasting of analyst detection of cyber events","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2735579428","doi":"https://doi.org/10.1093/cybsec/tyy007","mag":"2735579428"},"language":"en","primary_location":{"id":"doi:10.1093/cybsec/tyy007","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyy007","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy007/27239107/tyy007.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"public-domain","license_id":"https://openalex.org/licenses/public-domain","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy007/27239107/tyy007.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084984307","display_name":"Jonathan Z. Bakdash","orcid":"https://orcid.org/0000-0002-1409-4779"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]},{"id":"https://openalex.org/I206651237","display_name":"Texas A&M University \u2013 Commerce","ror":"https://ror.org/01red3556","country_code":"US","type":"education","lineage":["https://openalex.org/I206651237"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jonathan Z Bakdash","raw_affiliation_strings":["Department of Psychology, Counseling, and Special Education, Texas A&M Commerce, Commerce, TX, USA","US Army Research Laboratory South at the University of Texas at Dallas, Richardson, TX, USA"],"affiliations":[{"raw_affiliation_string":"Department of Psychology, Counseling, and Special Education, Texas A&M Commerce, Commerce, TX, USA","institution_ids":["https://openalex.org/I206651237"]},{"raw_affiliation_string":"US Army Research Laboratory South at the University of Texas at Dallas, Richardson, TX, USA","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016706843","display_name":"Steve Hutchinson","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Steve Hutchinson","raw_affiliation_strings":["Computational and Information Sciences Directorate, ICF for the US Army Research Laboratory, Adelphi, MD, USA"],"affiliations":[{"raw_affiliation_string":"Computational and Information Sciences Directorate, ICF for the US Army Research Laboratory, Adelphi, MD, USA","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022319046","display_name":"Erin Zaroukian","orcid":"https://orcid.org/0000-0002-1381-085X"},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Erin G Zaroukian","raw_affiliation_strings":["Human Research and Engineering Directorate, US Army Research Laboratory, Aberdeen Proving Ground, MD, USA"],"affiliations":[{"raw_affiliation_string":"Human Research and Engineering Directorate, US Army Research Laboratory, Aberdeen Proving Ground, MD, USA","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079158233","display_name":"Laura R. Marusich","orcid":"https://orcid.org/0000-0002-3524-6110"},"institutions":[{"id":"https://openalex.org/I189196454","display_name":"The University of Texas at Arlington","ror":"https://ror.org/019kgqr73","country_code":"US","type":"education","lineage":["https://openalex.org/I189196454"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Laura R Marusich","raw_affiliation_strings":["US Army Research Laboratory South at the University of Texas at Arlington, Arlington, TX, USA"],"affiliations":[{"raw_affiliation_string":"US Army Research Laboratory South at the University of Texas at Arlington, Arlington, TX, USA","institution_ids":["https://openalex.org/I189196454"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066004392","display_name":"Saravanan Thirumuruganathan","orcid":"https://orcid.org/0000-0002-1517-480X"},"institutions":[{"id":"https://openalex.org/I92528248","display_name":"Qatar Foundation","ror":"https://ror.org/01cawbq05","country_code":"QA","type":"funder","lineage":["https://openalex.org/I92528248"]}],"countries":["QA"],"is_corresponding":false,"raw_author_name":"Saravanan Thirumuruganathan","raw_affiliation_strings":["Qatar Computing and Research Institute, Qatar Foundation, Doha, Qatar"],"affiliations":[{"raw_affiliation_string":"Qatar Computing and Research Institute, Qatar Foundation, Doha, Qatar","institution_ids":["https://openalex.org/I92528248"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112870503","display_name":"Charmaine Sample","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Charmaine Sample","raw_affiliation_strings":["Computational and Information Sciences Directorate, ICF for the US Army Research Laboratory, Adelphi, MD, USA"],"affiliations":[{"raw_affiliation_string":"Computational and Information Sciences Directorate, ICF for the US Army Research Laboratory, Adelphi, MD, USA","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048968713","display_name":"Blaine Hoffman","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Blaine Hoffman","raw_affiliation_strings":["Human Research and Engineering Directorate, US Army Research Laboratory, Aberdeen Proving Ground, MD, USA"],"affiliations":[{"raw_affiliation_string":"Human Research and Engineering Directorate, US Army Research Laboratory, Aberdeen Proving Ground, MD, USA","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002203026","display_name":"Gautam Das","orcid":"https://orcid.org/0000-0002-4627-9065"},"institutions":[{"id":"https://openalex.org/I189196454","display_name":"The University of Texas at Arlington","ror":"https://ror.org/019kgqr73","country_code":"US","type":"education","lineage":["https://openalex.org/I189196454"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gautam Das","raw_affiliation_strings":["Computer Science and Engineering Department, University of Texas at Arlington, Arlington, TX, USA"],"affiliations":[{"raw_affiliation_string":"Computer Science and Engineering Department, University of Texas at Arlington, Arlington, TX, USA","institution_ids":["https://openalex.org/I189196454"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5084984307"],"corresponding_institution_ids":["https://openalex.org/I162577319","https://openalex.org/I206651237"],"apc_list":{"value":1864,"currency":"USD","value_usd":1864},"apc_paid":{"value":1864,"currency":"USD","value_usd":1864},"fwci":0.3908,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.6383369,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":"4","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9703999757766724,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6777504682540894},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.577942967414856},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.5449418425559998},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5143114328384399},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.4882664680480957},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.4530413746833801},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.4371914863586426},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3409365713596344},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.1778692603111267}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6777504682540894},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.577942967414856},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.5449418425559998},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5143114328384399},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.4882664680480957},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.4530413746833801},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.4371914863586426},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3409365713596344},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.1778692603111267}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.1093/cybsec/tyy007","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyy007","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy007/27239107/tyy007.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"public-domain","license_id":"https://openalex.org/licenses/public-domain","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:1707.03243","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1707.03243","pdf_url":"https://arxiv.org/pdf/1707.03243","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:2735579428","is_oa":true,"landing_page_url":"https://arxiv.org/pdf/1707.03243","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"pmh:oai:figshare.com:article/25931008","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Malware_in_the_future_Forecasting_of_analyst_detection_of_cyber_events/25931008","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"pmh:oai:share.osf.io:461D1-FD8-BDE","is_oa":false,"landing_page_url":"http://api.osf.io/v2/nodes/hjffm/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401127","display_name":"OSF Preprints (OSF Preprints)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2799848540","host_organization_name":"Center for Open Science","host_organization_lineage":["https://openalex.org/I2799848540"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"project"},{"id":"doi:10.48550/arxiv.1707.03243","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.1707.03243","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"doi:10.1093/cybsec/tyy007","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyy007","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy007/27239107/tyy007.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"public-domain","license_id":"https://openalex.org/licenses/public-domain","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G7566015493","display_name":null,"funder_award_id":"1745925","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8181848752","display_name":null,"funder_award_id":"W911NF-15-1-0020","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320338281","display_name":"Army Research Office","ror":"https://ror.org/05epdh915"},{"id":"https://openalex.org/F4320338295","display_name":"Army Research Laboratory","ror":"https://ror.org/011hc8f90"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2735579428.pdf","grobid_xml":"https://content.openalex.org/works/W2735579428.grobid-xml"},"referenced_works_count":59,"referenced_works":["https://openalex.org/W109631643","https://openalex.org/W110555848","https://openalex.org/W621546036","https://openalex.org/W753845210","https://openalex.org/W1415990210","https://openalex.org/W1486034269","https://openalex.org/W1494756088","https://openalex.org/W1521478692","https://openalex.org/W1526169081","https://openalex.org/W1533682228","https://openalex.org/W1947393375","https://openalex.org/W1972309850","https://openalex.org/W1975679745","https://openalex.org/W1978904760","https://openalex.org/W1988918299","https://openalex.org/W1996482171","https://openalex.org/W2004472628","https://openalex.org/W2007087405","https://openalex.org/W2012649175","https://openalex.org/W2016210396","https://openalex.org/W2042905007","https://openalex.org/W2044579390","https://openalex.org/W2045737500","https://openalex.org/W2068181924","https://openalex.org/W2076199148","https://openalex.org/W2077028504","https://openalex.org/W2081290035","https://openalex.org/W2090554969","https://openalex.org/W2099940443","https://openalex.org/W2114463818","https://openalex.org/W2117076645","https://openalex.org/W2146521571","https://openalex.org/W2151557482","https://openalex.org/W2162174678","https://openalex.org/W2307269239","https://openalex.org/W2491980965","https://openalex.org/W2506654222","https://openalex.org/W2549550143","https://openalex.org/W2552664657","https://openalex.org/W2577537660","https://openalex.org/W2593932391","https://openalex.org/W2605817989","https://openalex.org/W2617200927","https://openalex.org/W2623600808","https://openalex.org/W2625313884","https://openalex.org/W2679193193","https://openalex.org/W2749069611","https://openalex.org/W2804048727","https://openalex.org/W2963980822","https://openalex.org/W2964308319","https://openalex.org/W3124625789","https://openalex.org/W6628371068","https://openalex.org/W6631747711","https://openalex.org/W6661222812","https://openalex.org/W6674887505","https://openalex.org/W6676939003","https://openalex.org/W6677459581","https://openalex.org/W6729196857","https://openalex.org/W6739900787"],"related_works":["https://openalex.org/W3106707594","https://openalex.org/W2892859754","https://openalex.org/W1967425545","https://openalex.org/W2002859533","https://openalex.org/W2797537262","https://openalex.org/W2989543999","https://openalex.org/W2907590737","https://openalex.org/W2606833268","https://openalex.org/W2904754882","https://openalex.org/W2182730697","https://openalex.org/W2869624149","https://openalex.org/W2475071036","https://openalex.org/W2101718834","https://openalex.org/W3119729076","https://openalex.org/W24408859","https://openalex.org/W2123918745","https://openalex.org/W3037899794","https://openalex.org/W2212525303","https://openalex.org/W3092331527","https://openalex.org/W3171687382"],"abstract_inverted_index":{"Cyberattacks":[0],"endanger":[1],"physical,":[2],"economic,":[3],"social,":[4],"and":[5,16,21,40,73,194,221,274,300,308,324],"political":[6],"security.":[7],"There":[8],"have":[9,159],"been":[10],"extensive":[11],"efforts":[12],"in":[13,54,141,166,243,311],"government,":[14],"academia,":[15],"industry":[17],"to":[18,158,284,321],"anticipate,":[19],"forecast,":[20],"mitigate":[22],"such":[23,51,186],"cyberattacks.":[24,55,145],"A":[25],"common":[26],"approach":[27],"is":[28,156],"time-series":[29],"forecasting":[30,67,294],"of":[31,62,68,76,82,106,119,122,169,181,191,197,209,237,241,298],"cyberattacks":[32,245],"based":[33],"on":[34,112,144],"data":[35,116,174,253],"from":[36,93,137,254],"network":[37],"telescopes,":[38],"honeypots,":[39],"automated":[41,113],"intrusion":[42],"detection/prevention":[43],"systems.":[44,114],"This":[45,129],"research":[46,143],"has":[47,132],"uncovered":[48],"key":[49],"insights":[50],"as":[52,187],"systematicity":[53,242],"Here,":[56],"we":[57,204,214],"propose":[58],"an":[59],"alternate":[60],"perspective":[61],"this":[63],"problem":[64],"by":[65,152,261,269,319],"performing":[66],"attacks":[69],"that":[70,134,223],"are":[71,163,246],"\u201canalyst-detected\u201d":[72],"\u201c-verified\u201d":[74],"occurrences":[75],"malware.":[77],"We":[78],"call":[79],"these":[80],"instances":[81],"malware":[83],"cyber":[84,123,148,278,292,303,328],"event":[85,293],"data.":[86,170],"Specifically,":[87],"our":[88,154],"dataset":[89,131,155],"was":[90],"analyst-detected":[91,244],"incidents":[92],"a":[94,179,206,216,262,271,285],"large":[95],"operational":[96],"Computer":[97],"Security":[98],"Service":[99],"Provider":[100],"(CSSP)":[101],"for":[102,178,184,276,291,302,327],"the":[103,172,195,235],"US":[104],"Department":[105],"Defense,":[107],"which":[108,162],"rarely":[109],"relies":[110],"only":[111],"Our":[115,239],"set":[117],"consists":[118],"weekly":[120],"counts":[121],"events":[124,149,224,279],"over":[125],"approximately":[126],"7":[127],"years.":[128],"curated":[130],"characteristics":[133],"distinguish":[135],"it":[136],"most":[138],"datasets":[139],"used":[140,177,205,215],"prior":[142],"Since":[146],"all":[147],"were":[150],"validated":[151],"analysts,":[153],"unlikely":[157],"false":[160],"positives":[161],"often":[164],"endemic":[165],"other":[167,255],"sources":[168],"Further,":[171],"higher-quality":[173],"could":[175,228],"be":[176,229],"number":[180],"important":[182],"tasks":[183],"CSSPs":[185],"resource":[188],"allocation,":[189],"estimation":[190],"security":[192],"resources,":[193],"development":[196],"effective":[198],"risk-management":[199],"strategies.":[200],"To":[201],"quantify":[202],"bursts,":[203],"Markov":[207],"model":[208],"state":[210],"transitions.":[211],"For":[212],"forecasting,":[213],"Bayesian":[217],"State":[218],"Space":[219],"Model":[220],"found":[222],"one":[225,280],"week":[226,281],"ahead":[227],"predicted":[230],"with":[231,234,248,266],"reasonable":[232],"accuracy,":[233],"exception":[236],"bursts.":[238],"findings":[240],"consistent":[247],"previous":[249],"work":[250],"using":[251],"cyberattack":[252],"sources.":[256],"The":[257],"advanced":[258],"information":[259],"provided":[260],"forecast":[263],"may":[264,316],"help":[265],"threat":[267,314],"awareness":[268,315],"providing":[270],"probable":[272],"value":[273],"range":[275],"future":[277],"ahead,":[282],"similar":[283],"weather":[286],"forecast.":[287],"Other":[288],"potential":[289],"applications":[290],"include":[295],"proactive":[296],"allocation":[297],"resources":[299],"capabilities":[301,326],"defense":[304],"(e.g.,":[305],"analyst":[306],"staffing":[307],"sensor":[309],"configuration)":[310],"CSSPs.":[312],"Enhanced":[313],"improve":[317],"cybersecurity":[318],"helping":[320],"optimize":[322],"human":[323],"technical":[325],"defense.":[329]},"counts_by_year":[{"year":2020,"cited_by_count":2}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}