Open Access
2017 Attributing hacks with survival trend filtering
Ziqi Liu, Alexander Smola, Kyle Soska, Yu-Xiang Wang, Qinghua Zheng, Jun Zhou
Electron. J. Statist. 11(2): 5311-5341 (2017). DOI: 10.1214/17-EJS1380SI

Abstract

In this paper we describe an algorithm for estimating the provenance of hacks on websites. That is, given properties of sites and the temporal occurrence of attacks, we are able to attribute individual attacks to joint causes and vulnerabilities, as well as estimate the evolution of these vulnerabilities over time. Specifically, we use hazard regression with a time-varying additive hazard function parameterized in a generalized linear form. The activation coefficients on each feature are continuous-time functions over time. We formulate the problem of learning these functions as a constrained variational maximum likelihood estimation problem with total variation penalty and show that the optimal solution is a $0$th order spline (a piecewise constant function) with a finite number of adaptively chosen knots. This allows the inference problem to be solved efficiently and at scale by solving a finite dimensional optimization problem. Extensive experiments on real data sets show that our method significantly outperforms Cox’s proportional hazard model. We also conduct case studies and verify that the fitted functions of the features respond to real-life campaigns.

Citation

Download Citation

Ziqi Liu. Alexander Smola. Kyle Soska. Yu-Xiang Wang. Qinghua Zheng. Jun Zhou. "Attributing hacks with survival trend filtering." Electron. J. Statist. 11 (2) 5311 - 5341, 2017. https://doi.org/10.1214/17-EJS1380SI

Information

Received: 1 June 2017; Published: 2017
First available in Project Euclid: 15 December 2017

zbMATH: 06825048
MathSciNet: MR3738213
Digital Object Identifier: 10.1214/17-EJS1380SI

Keywords: Hazard regression , nonparametrics , Survival analysis , Trend filtering

Vol.11 • No. 2 • 2017
Back to Top