Global Variation in Attack Encounters and Hosting

ABSTRACT: Countries vary greatly in the extent to which their computers encounter and host attacks. Empirically identifying factors behind such variation can provide a sound basis for policies to reduce attacks worldwide. However, the main current approach to identify these factors consists of expert opinions with limited empirical validation. In this work, we empirically test hypotheses regarding social and technological factors behind such international variation. We use Symantec’s Intrusion Prevention System (IPS) telemetry data collected from around 10 million Symantec customers worldwide.

We find that web attacks and fake applications are most prominent in Western Europe and North America. Our results indicate a relationship between countries’ wealth and technological sophistication and attack exposure, indicating that attackers probably target developed countries to maximize their profits. Moreover, Eastern Europe hosts disproportionate quantities of attacks. Our statistical analysis reveals a relationship between attack hosting and the combined effect of widespread corruption and computing resources. Surprisingly, China is not among the top 10 attack hosting countries and Africa hosts the smallest quantities of attacks. Our work has important policy implications.

Ghita Mezzour received a Ph.D. from Carnegie Mellon University in Pittsburgh, PA in May 2015. Her Ph.D. is a joint degree from the Electrical and Computer Engineering Department and the Computation, Organizations and Society Department. Ghita is currently an assistant professor at the International University of Rabat in Morocco. She typically uses data science and computational methods to address problems with strong societal impact. She has used that approach to study international cyber security and youth employability.

Ghita was selected as a Rising Star by MIT’s Electrical Engineering and Computer Science Department in November 2015. She served as a program chair of the 16th International Conference on Hybrid Intelligent Systems and is currently an associate editor of Engineering Applications of Artificial Intelligence.