Predicting cyber attacks with Bayesian networks using unconventional signals

The ability to predict cyber incidents before they occur will help mitigate malicious activities and their impact. This is a challenging task and a departure from intrusion detection where observables of malicious activities are analyzed. Since there is no direct observable before the cyber incident actually happens, the predictive analysis need to be based on non-conventional signals that may or may not be directly related to the potential victim entity. This paper presents our preliminary findings through the use of Bayesian classifier to process signals drawn from global events and social media. The preliminary results show promising prediction performance for an anonymized organization even though the signals are not specific to that organization.