Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization
Today, the Internet security community largely emphasizes cyberspace monitoring for the
purpose of generating cyber intelligence. In this paper, we present a survey on darknet. The …
purpose of generating cyber intelligence. In this paper, we present a survey on darknet. The …
Towards a forecasting model for distributed denial of service activities
C Fachkha, E Bou-Harb… - 2013 IEEE 12th …, 2013 - ieeexplore.ieee.org
Distributed Denial of Service (DDoS) activities continue to dominate today's attack
landscape. This work proposes a DDoS forecasting model to provide significant insights to …
landscape. This work proposes a DDoS forecasting model to provide significant insights to …
On fingerprinting probing activities
Motivated by recent cyber attacks that were facilitated through probing, limited cyber security
intelligence and the lack of accuracy that is provided by scanning detection systems, this …
intelligence and the lack of accuracy that is provided by scanning detection systems, this …
Investigating the dark cyberspace: Profiling, threat-based analysis and correlation
An effective approach to gather cyber threat intelligence is to collect and analyze traffic
destined to unused Internet addresses known as darknets. In this paper, we elaborate on …
destined to unused Internet addresses known as darknets. In this paper, we elaborate on …
A systematic approach for detecting and clustering distributed cyber scanning
We present in this paper an approach that is composed of two techniques that respectively
tackle the issues of detecting corporate cyber scanning and clustering distributed …
tackle the issues of detecting corporate cyber scanning and clustering distributed …
On the inference and prediction of DDoS campaigns
C Fachkha, E Bou‐Harb… - … and Mobile Computing, 2015 - Wiley Online Library
This work proposes a distributed denial‐of‐service (DDoS) inference and forecasting model
that aims at providing insights to organizations, security operators, and emergency response …
that aims at providing insights to organizations, security operators, and emergency response …
A statistical approach for fingerprinting probing activities
Probing is often the primary stage of an intrusion attempt that enables an attacker to
remotely locate, target, and subsequently exploit vulnerable systems. This paper attempts to …
remotely locate, target, and subsequently exploit vulnerable systems. This paper attempts to …
Behavior analysis of long-term cyber attacks in the darknet
Darknet monitoring provides us an effective way to countermeasure cyber attacks that pose
a significant threat to network security and management. This paper aims to characterize the …
a significant threat to network security and management. This paper aims to characterize the …
Csc-detector: A system to infer large-scale probing campaigns
This paper uniquely leverages unsolicited real darknet data to propose a novel system, CSC-
Detector, that aims at identifying Cyber Scanning Campaigns. The latter define a new …
Detector, that aims at identifying Cyber Scanning Campaigns. The latter define a new …
Using scan-statistical correlations for network change analysis
A Cheng, P Dickinson - Trends and Applications in Knowledge Discovery …, 2013 - Springer
Network change detection is a common prerequisite for identifying anomalous behaviours in
computer, telecommunication, enterprise and social networks. Data mining of such networks …
computer, telecommunication, enterprise and social networks. Data mining of such networks …