Applying Statistics to Hacking and Cyberattacks

Hypothesis testing is the use of statistics to determine the probability that a given hypothesis is true. The usual process of hypothesis testing consists of four steps.

  1. Formulate the null hypothesis  (commonly, that the observations are the result of pure chance) and the alternative hypothesis (commonly, that the observations show a real effect combined with a component of chance variation).

from http://mathworld.wolfram.com/HypothesisTesting.html


Now let us take this way of thinking to the recent elections. Multiple scenarios can be tested.

  1. The Clinton campaign was bad at cyber security, and cyber activists/hackers breached them both as Secretary of State and as candidate to highlight the lack of cyber security
  2. Clinton, as the wife of an ex-President, was not seen by the ultra-liberal cyber activists as conducive to democracy (i.e. Bush, Clinton, Clinton, Bush, Bush, Obama, Obama, Clinton would have been the Presidential roll call)
  3. Sustained hacking by cyber activists is also true for certain opponents (Clinton had been a key opponent of Manning, Snowden et al.)
  4. State players including intelligence agencies usually keep an arm’s length distance to maintain plausible deniability
  5. The CIA and NYTimes were able to firmly pinpoint the Russian government-backed hackers only a few days after the elections, even though these activities seemed to have gone on over a few years
  6. The FBI was investigating Clinton (not the Trumps) for irresponsible cyber security and publicly said so BEFORE the elections
  7. Both the FBI and the CIA will see drastic personnel and leadership changes in a new administration
  8. Where is the log data for the breach of networks by Russian IP addresses (which does not mean they are in Russia; remember Tor)? Why can't it be shown publicly? Why can't charges be filed in a US court for illegal activity?
  9. Quis custodiet ipsos custodes? Who guards the guardians of American cyber space? Even though the US has the largest conventional and nuclear military, do the recent incidents show a colossal underinvestment in cyber warfare and cyber defence by the Pentagon?
  10. In God we trust. Everyone else must bring data. Currently the whole hacking and server debate is more like an episode of Big Bang Theory combined with Hackers. Data can and should be published (just like the Enron data was published)
  11. A better statistician/hacker than me can then formulate the hypothesis on who was responsible for breaching and releasing the information from the DNC

Author: Ajay Ohri

http://about.me/ajayohri
