MODELLING AND PREDICTING CYBER

HACKING BREACHES BY

SUBMITTED FOR THE PARTIAL FULFILLMENT OF BACHELOR OF TECHNOLOGY

IN

COMPUTER SCIENCE & ENGINEERING

PRESENTED BY :
GUIDED BY :
 B. Sri manikanth. (19541A0555)
 K. Lokesh ramana. (19541A0566)  Pavan Kumar.(M.tech)
 K. Kiran. (19541A0564) Assistant professor,CSE.
 M. Neeraja. (19541A0525)
 V. Yogitha. (19541A0550)

1
 CONTENTS
• INTRODUCTION.
• ABSTRACT.
• SYSTEM ANALYSIS.
 EXISTING SYSTEM.
 DRAWBACKS OF EXISTING SYSTEM.
 PROPOSED SYSTEM.
 ADVANTAGES OF PROPOSED SYSTEM.
• SYSTEM ARCHITECTURE.
• LITERATURE SURVEY.
• SYSTEM REQUIREMENTS.
 HARDWARE REQUIREMENTS.
 SOFTWARE REQUIREMENTS.
• CONCLUSION.
• REFERENCES.
• THANK YOU.
• ANY QUERIES.

2
INTRODUCTION :

A data breach is an incident where information is stolen or taken from a system without the
knowledge or authorization of the system's owner.

A security breach is any incident that results in unauthorized access to computer data,
applications, networks or devices. It results in information being accessed without authorization.
Typically, it occurs when an intruder is able to bypass security mechanisms.

3
ABSTRACT:
Analyzing cyber incident data sets is an important method for deepening our understanding of the evolution of the
threat situation. This is a relatively new research topic, and many studies remain to be done. In this paper, we report a
statistical analysis of a breach incident data set corresponding to 12 years (2005–2017) of cyber hacking activities that
include malware attacks. We show that, in contrast to the findings reported in the literature, both hacking breach incident
inter-arrival times and breach sizes should be modeled by stochastic processes, rather than by distributions because they
exhibit autocorrelations. Then, we propose particular stochastic process models to, respectively, fit the inter-arrival times and
the breach sizes.

4
SYSTEM ANALYSIS:

EXISTING SYSTEM:

The dataset analyzed in only covered the time span from 2000 to 2008 and does not necessarily contain the breach
incidents that are caused by cyber-attacks; the dataset analyzed is more recent, but contains two kinds of incidents: negligent
breaches (i.e., incidents caused by lost, discarded, stolen devices and other reasons) and malicious breaching. Since negligent
breaches represent more human errors than cyber-attacks, we do not consider them in the present study. Because the malicious
breaches studied contain four sub-categories: hacking (including malware), insider, payment card fraud, and unknown, this
study will focus on the hacking sub-category (called hacking breach dataset thereafter), while noting that the other three sub-
categories are interesting on their own and should be analyzed separately.

5
DRAWBACKS OF EXISTING SYSTEM :

o More man power.

o Time consuming.
o Consumes large volume of paper work.
o Needs manual calculations.
o No direct role for the higher officials.
o Efficiency of the existing system is very low.

To avoid all these limitations and make the working more accurately the system needs to be computerized in a
better way.

6
PROPOSED SYSTEM:
In this paper, we make the following three contributions.

 First, we show that both the hacking breach incident interarrival times (reflecting incident frequency) and breach
sizes should be modeled by stochastic processes, rather than by distributions. A particular ARMA-GARCH model
can adequately describe the evolution of the hacking breach sizes, where ARMA is acronym for “Auto Regressive
and Moving Average” and GARCH is acronym for “Generalized Auto Regressive Conditional Heteroskedasticity”.

 Second, we discover a positive dependence between the incidents inter-arrival times and the breach sizes, and show
that this dependence can be adequately described by a particular copula. We also show that when predicting inter-
arrival times and breach sizes, it is necessary to consider the dependence; otherwise, the prediction results are not
accurate.

 Third, we conduct both qualitative and quantitative trend analyses of the cyber hacking breach incidents. We find
that the situation is indeed getting worse in terms of the incidents inter-arrival time because hacking breach
incidents become more and more frequent, but the situation is stabilizing in terms of the incident breach size,
indicating that the damage of individual hacking breach incidents will not get much worse.

7
ADVANTAGES OF PROPOSED SYSTEM :

The system is very simple in design and to be implement. The system requires very low system resources and
the system will work in almost all configurations. It has got following features :

 Minimize manual data entry.

 Minimum time needed for the various processing.
 Greater efficiency.
 User friendliness and interactive.
 Minimum time required.
 The efficiency is improved than the existing system and is up to 90%.

8
ARCHITECTURE:

9
Literature Survey:

TITLE: Copula-based actuarial model for pricing cyber-insurance policies.

AUTHOR: H. Herath and T. Herath
ABSTRACT: Cyber-insurance is often suggested as a tool to manage IT security residual risks but
the accuracy of premiums is still an open question. Thus, practitioners and academics have argued for
more robust and innovative cyber-insurance pricing models. We fill this important gap in the literature
by developing a cyber-insurance model using the emerging copula methodology. The premiums for first
party losses due to virus intrusions are estimated using three types of insurance policy models. Our
approach is the first in the information security literature to integrate standard elements of insurance
risk with the robust copula methodology to determine cyber insurance premiums.

10
SYSTEM REQUIREMENTS:
The project involved analyzing the design of few applications so as to make the application more
users friendly. To do so, it was really important to keep the navigations from one screen to the other well
ordered and at the same time reducing the amount of typing the user needs to do. In order to make the
application more accessible, the browser version had to be chosen so that it is compatible with most of the
Browsers.

11
Hardware Requirements:

For developing the application the following are the Hardware Requirements:

 Processor: Pentium IV or higher

 RAM: 256 MB

 Space on Hard Disk: minimum 512MB

Software Requirements:

 Software Requirements: 1.Python, 2.Django, 3.Mysql, 4.Wampserver.

 Operating Systems Supported: 1.Windows7, 2.Windows8, 3.Windows10, Windows11.

 Functional Requirements: Graphical User interface with the User.

 Debugger and Emulator: Any Browser (Particularly Chrome).

12
CONCLUSION:
We analyzed a hacking breach dataset from the points of view of the incidents inter-arrival time and the breach size,
and showed that they both should be modeled by stochastic processes rather than distributions. The statistical models
developed in this paper show satisfactory fitting and prediction accuracies. In particular, we propose using a copula-based
approach to predict the joint probability that an incident with a certain magnitude of breach size will occur during a future
period of time. Statistical tests show that the methodologies proposed in this paper are better than those which are presented
in the literature, because the latter ignored both the temporal correlations and the dependence between the incidents inter-
arrival times and the breach sizes.

We conducted qualitative and quantitative analyses to draw further insights. We drew a set of cybersecurity insights,
including that the threat of cyber hacking breach incidents is indeed getting worse in terms of their frequency, but not the
magnitude of their damage.

13
REFERENCES:

1. P. R. Clearinghouse, “Privacy rights clearinghouse’s chronology of data breaches.” https://www.privacyrights.org/data-

breaches,
Last accessed on November 9, 2017.

2. I. T. R. Center, “http://www.idtheftcenter.org/2016databreaches.html.”

3. C. R. Center, “Cybersecurity incidents.” https://www.opm.gov/ cybersecurity/cybersecurity-incidents/, Last accessed on

November
9, 2017.

4. I. Security, https://www.ibm.com/security/data-breach/index.html.

5. N. . C. C. Study, “https://netdiligence.com/wp-content/uploads/2016/10/ P02 NetDiligence-2016-Cyber-Claims-Study-

ONLINE.pdf.”

14
THANK
YOU..
15
ANY QUERY ?
PLEASE ASK…

16