Visible to the public Biblio

Filters: Keyword is threat intelligence information  [Clear All Filters]
2020-07-10
Yang, Ying, Yu, Huanhuan, Yang, Lina, Yang, Ming, Chen, Lijuan, Zhu, Guichun, Wen, Liqiang.  2019.  Hadoop-based Dark Web Threat Intelligence Analysis Framework. 2019 IEEE 3rd Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). :1088—1091.

With the development of network services and people's privacy requirements continue to increase. On the basis of providing anonymous user communication, it is necessary to protect the anonymity of the server. At the same time, there are many threatening crime messages in the dark network. However, many scholars lack the ability or expertise to conduct research on dark-net threat intelligence. Therefore, this paper designs a framework based on Hadoop is hidden threat intelligence. The framework uses HDFS as the underlying storage system to build a HBase-based distributed database to store and manage threat intelligence information. According to the heterogeneous type of the forum, the web crawler is used to collect data through the anonymous TOR tool. The framework is used to identify the characteristics of key dark network criminal networks, which is the basis for the later dark network research.

2018-03-19
Bulusu, S. T., Laborde, R., Wazan, A. S., Barrere, F., Benzekri, A..  2017.  Describing Advanced Persistent Threats Using a Multi-Agent System Approach. 2017 1st Cyber Security in Networking Conference (CSNet). :1–3.

Advanced Persistent Threats are increasingly becoming one of the major concerns to many industries and organizations. Currently, there exists numerous articles and industrial reports describing various case studies of recent notable Advanced Persistent Threat attacks. However, these documents are expressed in natural language. This limits the efficient reusability of the threat intelligence information due to ambiguous nature of the natural language. In this article, we propose a model to formally represent Advanced Persistent Threats as multi-agent systems. Our model is inspired by the concepts of agent-oriented social modelling approaches, generally used for software security requirement analysis.

2017-11-27
Holm, H., Sommestad, T..  2016.  SVED: Scanning, Vulnerabilities, Exploits and Detection. MILCOM 2016 - 2016 IEEE Military Communications Conference. :976–981.

This paper presents the Scanning, Vulnerabilities, Exploits and Detection tool (SVED). SVED facilitates reliable and repeatable cyber security experiments by providing a means to design, execute and log malicious actions, such as software exploits, as well the alerts provided by intrusion detection systems. Due to its distributed architecture, it is able to support large experiments with thousands of attackers, sensors and targets. SVED is automatically updated with threat intelligence information from various services.