IEEE Access (Jan 2024)

Evolving Malware and DDoS Attacks: Decadal Longitudinal Study

  • Olufunsho I. Falowo,
  • Murat Ozer,
  • Chengcheng Li,
  • Jacques Bou Abdo

DOI
https://doi.org/10.1109/ACCESS.2024.3376682
Journal volume & issue
Vol. 12
pp. 39221 – 39237

Abstract

Read online

This study conducts analysis of cybersecurity events from 2013 to 2023, concentrating on major incidents associated with Distributed Denial of Service (DDoS), and malware attacks. Deriving data from the Center for Strategic & International Studies (CSIS) report, it examines 925 major incidents to discern evolving cyber threat trends. A key finding is the escalation in the frequency and sophistication of attacks, with a marked increase in DDoS incidents in 2022 and a steady rise in malware attacks, peaking in 2023. This trend indicates growing threat actors’ capabilities and vulnerabilities in digital infrastructures. Additionally, the aggregate of other attack methods, such as phishing and zero-day exploits, surpasses the incidence of DDoS and malware attacks, illustrating the broad spectrum of cyber threats. Employing the ARIMA model, the study projects future DDoS and malware attack trends, factoring in historical data and assumptions of minimal technological advancement and unchanged geopolitical tensions. The forecast suggests a consistent pattern of cyber attacks over the next five years. This study also correlates the nature of cyber attacks with financial motives and geopolitical dynamics, applying reliability and validity testing to affirm the robustness of these findings. Despite ARIMA providing reliable historical-based forecasts, the dynamic nature of cyber threats necessitates cautious interpretation of future trends. In conclusion, the study emphasizes the necessity for dynamic, multifaceted cybersecurity strategies. Nations and organizations must adopt adaptive approaches, bolstered by data analysis and forecasts - crucial in combating the diverse cyber threats, highlighting the need for a proactive and collaborative global cybersecurity framework.

Keywords