Malicious ssl certificate detection: A step towards advanced persistent threat defence
Advanced Persistent Threat (APT) is one of the most serious types of cyber attacks, which is
a new and more complex version of multistep attack. Within the APT life cycle, continuous …
a new and more complex version of multistep attack. Within the APT life cycle, continuous …
Blacklist-based malicious ip traffic detection
I Ghafir, V Prenosil - 2015 Global Conference on …, 2015 - ieeexplore.ieee.org
At present malicious software or malware has increased considerably to form a serious
threat to Internet infrastructure. It becomes the major source of most malicious activities on …
threat to Internet infrastructure. It becomes the major source of most malicious activities on …
Malicious file hash detection and drive-by download attacks
I Ghafir, V Prenosil - Proceedings of the Second International Conference …, 2016 - Springer
Malicious web content has become the essential tool used by cybercriminals to accomplish
their attacks on the Internet. In addition, attacks that target web clients, in comparison to …
their attacks on the Internet. In addition, attacks that target web clients, in comparison to …
[PDF][PDF] Homomorphic Encryption at Work for Private Analysis of Security Logs.
A Boudguiga, O Stan, H Sedjelmaci, S Carpov - ICISSP, 2020 - scitepress.org
One important component of incident handling in cyber-security is log management. In
practice, different software and/or hardware components of a system such as Intrusion …
practice, different software and/or hardware components of a system such as Intrusion …
A cost-sensitive entropy-based network security situation assessment model
YB Leau, S Manickam - Advanced Science Letters, 2016 - ingentaconnect.com
Network intrusion attempts have been on the rise recently. Researchers have shown an
increased interest in assessing the security situation for entire network instead of single …
increased interest in assessing the security situation for entire network instead of single …
[PDF][PDF] A Simulation Based SIEM Framework to Attribute and Predict Attacks
J Lipilini, F Baiardi - Master's Thesis. Universita di Pisa and Scuola …, 2015 - core.ac.uk
Abstract We present a Security Information and Event Management (SIEM) framework to
correlate, attribute and predict attacks against an ICT system. The output of the assessment …
correlate, attribute and predict attacks against an ICT system. The output of the assessment …
Using s-rules to fire dynamic countermeasures
F Baiardi, J Lipilini, F Tonelli - 2017 25th Euromicro …, 2017 - ieeexplore.ieee.org
We present a rule-based system to dynamically deploy countermeasures against privilege
escalations where a rule includes some n-grams and a countermeasure. An n-gram consists …
escalations where a rule includes some n-grams and a countermeasure. An n-gram consists …
Multi-Agent Based Framework for Time-correlated Alert Detection of Volume Attacks
Recent and emerging cyber-threats have justified the need to keep improving the network
security technologies such as Intrusion Detection Systems (IDSs) to keep it abreast with the …
security technologies such as Intrusion Detection Systems (IDSs) to keep it abreast with the …