Survey of attack projection, prediction, and forecasting in cyber security

M Husák, J Komárková, E Bou-Harb… - … Surveys & Tutorials, 2018 - ieeexplore.ieee.org
This paper provides a survey of prediction, and forecasting methods used in cyber security.
Four main tasks are discussed first, attack projection and intention recognition, in which …

False alarm minimization techniques in signature-based intrusion detection systems: A survey

N Hubballi, V Suryanarayanan - Computer Communications, 2014 - Elsevier
A network based Intrusion Detection System (IDS) gathers and analyzes network packets
and reports possible low level security violations to a system administrator. In a large network …

99% false positives: A qualitative study of SOC analysts' perspectives on security alarms

BA Alahmadi, L Axon, I Martinovic - 31st USENIX Security Symposium …, 2022 - usenix.org
In this work, we focus on the prevalence of False Positive (FP) alarms produced by security
tools, and Security Operation Centers (SOCs) practitioners' perception of their quality. In an …

Closest-point problems

MI Shamos, D Hoey - 16th Annual Symposium on Foundations …, 1975 - ieeexplore.ieee.org
A number of seemingly unrelated problems involving the proximity of N points in the plane
are studied, such as finding a Euclidean minimum spanning tree, the smallest circle …

Bothunter: Detecting malware infection through ids-driven dialog correlation.

G Gu, PA Porras, V Yegneswaran, MW Fong… - USENIX Security …, 2007 - usenix.org
We present a new kind of network perimeter monitoring strategy, which focuses on
recognizing the infection and coordination dialog that occurs during a successful malware …

Method and system for detecting malicious and/or botnet-related domain names

R Perdisci, W Lee - US Patent 10,027,688, 2018 - Google Patents
A method and system of detecting a malicious and/or botnet-related domain name,
comprising: reviewing a domain name used in Domain Name System (DNS) traffic in a …

A survey of visualization systems for network security

H Shiravi, A Shiravi, AA Ghorbani - IEEE Transactions on …, 2011 - ieeexplore.ieee.org
Security Visualization is a very young term. It expresses the idea that common visualization
techniques have been designed for use cases that are not supportive of security-related …

Method and system for detecting and responding to attacking networks

D Dagon, N Feamster, W Lee, R Edmonds… - US Patent …, 2013 - Google Patents
A system and method for detecting a first network of compromised computers in a second
network of computers, comprising: collecting Domain Name System (DNS) data for the …

Who's in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems.

D Formby, P Srinivasan, AM Leonard, JD Rogers… - NDSS, 2016 - ndss-symposium.org
Industrial control system (ICS) networks used in critical infrastructures such as the power
grid present a unique set of security challenges. The distributed networks are difficult to …

A systematic survey on multi-step attack detection

J Navarro, A Deruyver, P Parrend - Computers & Security, 2018 - Elsevier
Since the beginning of the Internet, cyberattacks have threatened users and organisations.
They have become more complex concurrently with computer networks. Nowadays …