Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization

C Fachkha, M Debbabi - IEEE Communications Surveys & …, 2015 - ieeexplore.ieee.org
Today, the Internet security community largely emphasizes cyberspace monitoring for the
purpose of generating cyber intelligence. In this paper, we present a survey on darknet. The …

A survey of network anomaly visualization

T Zhang, X Wang, Z Li, F Guo, Y Ma… - Science China Information …, 2017 - Springer
Network anomaly analysis is an emerging subtopic of network security. Network anomaly
refers to the unusual behavior of network devices or suspicious network status. A number of …

Challenges and pitfalls in malware research

M Botacin, F Ceschin, R Sun, D Oliveira, A Grégio - Computers & Security, 2021 - Elsevier
As the malware research field became more established over the last two decades, new
research questions arose, such as how to make malware research reproducible, how to …

Monitoring darknet access to identify malicious activity

M Sutton - US Patent 8,413,238, 2013 - Google Patents
Systems, methods and apparatus for a distributed security that monitors communications to
identify access attempts to/from darknet addresses. Such attempts can be inferred to be asso …

A novel cyber security capability: Inferring internet-scale infections by correlating malware and probing activities

E Bou-Harb, M Debbabi, C Assi - Computer Networks, 2016 - Elsevier
This paper presents a new approach to infer worldwide malware-infected machines by
solely analyzing their generated probing activities. In contrary to other adopted methods, the …

DAEDALUS-VIZ: novel real-time 3D visualization for darknet monitoring-based alert system

D Inoue, M Eto, K Suzuki, M Suzuki… - Proceedings of the ninth …, 2012 - dl.acm.org
A darknet is a set of unused IP addresses whose monitoring is an effective way of detecting
malicious activities on the Internet. We have developed an alert system called DAEDALUS …

ASNM Datasets: A collection of network attacks for testing of adversarial classifiers and intrusion detectors

I Homoliak, K Malinka, P Hanacek - IEEE Access, 2020 - ieeexplore.ieee.org
In this paper, we present three datasets that have been built from network traffic traces using
ASNM (Advanced Security Network Metrics) features, designed in our previous work. The …

DKaaS: DARK-KERNEL as a service for active cyber threat intelligence

PVS Charan, G Ratnakaram, H Chunduri… - Computers & …, 2023 - Elsevier
Cyber Threat Intelligence (CTI) plays an indispensable role in providing evidence-based
knowledge to plan defensive strategies against advanced cyber attacks. Most threat …

Multidimensional investigation of source port 0 probing

E Bou-Harb, NE Lakhdari, H Binsalleeh, M Debbabi - Digital Investigation, 2014 - Elsevier
During November 2013, the operational cyber/network security community reported an
unprecedented increase of traffic originating from source port 0. This event was deemed as …

Practical correlation analysis between scan and malware profiles against zero-day attacks based on darknet monitoring

K Nakao, D Inoue, M Eto, K Yoshioka - IEICE TRANSACTIONS on …, 2009 - search.ieice.org
Considering rapid increase of recent highly organized and sophisticated malwares, practical
solutions for the countermeasures against malwares especially related to zero-day attacks …