
Detecting malicious activities with user-agent-based profiles

Yang Zhang, Hesham Mekky, Zhi-Li Zhang, Ruben Torres, Sung-Ju Lee, Alok Tongaonkar, Marco Mellia
2015 International Journal of Network Management  
The User-Agent (UA) field in the HTTP header carries information on the application, OS, device, etc., and adversaries fake UA strings as a way to evade detection.  ...  Malicious activities have become a primary security threat after hosts are infected.  ...  MALICIOUS UA DETECTION In this section, we demonstrate the utility of the UA analysis in identifying anomalies in host activity and in detecting malicious activities.  ... 
doi:10.1002/nem.1900 fatcat:46z7bpzgifhhtpfqg5hyr2x6zy

SMS-Based Mobile Botnet Detection Framework Using Intelligent Agents

Abdullah J. Alzahrani, Ali A. Ghorbani
2017 Journal of Cyber Security and Mobility  
In this thesis, we propose an SMS-based botnet detection framework using intelligent agents that are used to detect malicious SMS messages and monitor smartphone resources which are typically targeted  ...  The proposed detection framework is based on a multi-layer model which consists of three modules and intelligent agents.  ...  User-Profile Agent: Malicious activities usually wait until the smartphone is in an ideal mode, or after reboot. The user-profile agent registers with the Android profiling agent.  ... 
doi:10.13052/jcsm2245-1439.523 fatcat:dkxeklymibgldpjr5fb6oebo3y

Surviving cyber warfare with a hybrid multiagent-base intrusion prevention system

A. Salah, M. Shouman, H. Faheem
2010 IEEE potentials  
Intrusion prevention systems (IPSs) introduce the technology that enables the network and its hosts to defend themselves with the intelligence to accurately identify and block malicious traffic and activities  ...  The last three stages involve the most harmful malicious activities (mal-wares) that an attacker can perform.  ...  / detection agent Goal based User monitoring agent User-mode activities Analyze user-mode activities and detect deviations from normal profiles Detect user-mode malwares WFP agent Goal  ... 
doi:10.1109/mpot.2009.935611 fatcat:hgdkiqxrq5a3fohsfdtdxn54y4

Who Really Did It? Controlling Malicious Insiders by Merging Biometric Behavior with Detection and Automated Responses

Bruce Gabrielson
2012 2012 45th Hawaii International Conference on System Sciences  
It takes advantage of the combination of near-real-time suspicious activity detection with biometric behavior profiling to reduce profiling false positives and network access controls that enable faster  ...  and more focused responses to detected suspicious activities.  ...  Near-Real-Time Activity Detection Log and log-like analysis of user activities can be used to detect potential malicious sequences.  ... 
doi:10.1109/hicss.2012.643 dblp:conf/hicss/Gabrielson12 fatcat:474vi6zo2rhtxh2w4h5mdfmyem

A Heuristic Reputation Based System to Detect Spam activities in a Social Networking Platform, HRSSSNP [article]

Manoj Rameshchandra Thakur, Sugata Sanyal
2012 arXiv   pre-print
Moreover activities like spam messages create unnecessary traffic and might affect the user base of a social networking platform.  ...  As a result preventing interactions with malicious intent and spam activities becomes crucial.  ...  approaches for spam and malicious agent detection in a social network.  ... 
arXiv:1212.1914v1 fatcat:tgckfgddjrcflbwc4hxspq663i

Agent based Decentralized and Fault Tolerant Intrusion Detection System

Arjun Singh, Surbhi Chauhan, Kamal Kant, Reshma Dokania
2012 International Journal of Computer Applications  
This paper presents Mobile Agent Based decentralized and Fault Tolerant Intrusion Detection System to detect user anomalies in windows environment.  ...  This paper focuses on the protection of mobile agent from malicious host.  ...  The hypothesis generated per-computer based profile with respect to different users.  ... 
doi:10.5120/7149-9850 fatcat:amwiqgqg5ndhzl7wwxjtel2fsy

PROFIDES - Profile Based Intrusion Detection Approach Using Traffic Behavior over Mobile Ad Hoc Network

R. Saminathan, K. Selvakumar
2010 International Journal of Computer Applications  
This paper presents an overview of various intrusion detection models, identifying its issues, discusses on design and proposes an intrusion detection system using profile based traffic behavior scenario  ...  (PROFIDES), to determine misbehaving nodes by generating alerts based on critical parameters to identify an intrusion activity.  ...  User Profile Check users Figure 1 Modeling of Anomalous User Identification In terms of data treatment, the architecture is a hybrid of a host-based model and a network-based model.  ... 
doi:10.5120/1329-1655 fatcat:vmt6vih72nbq7lt7uaobk2qzem

Holistic VoIP intrusion detection and prevention system

Mohamed Nassar, Saverio Niccolini, Radu State, Thilo Ewald
2007 Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications - IPTComm '07  
The key components of the approach are based on a VoIP-specific honeypot and on an application layer event correlation engine.  ...  Faced with multiple attack vectors, new and comprehensive defensive security solutions for VoIP must emerge from the research community.  ...  In the anomaly-based approach, a statistical profile is created for normal activity of subjects (e.g. user, call session, SIP server) with respect to objects (e.g. network resources, gateway trunks, server  ... 
doi:10.1145/1326304.1326306 dblp:conf/iptcomm/NassarNSE07 fatcat:q6kfz7d6fbctjcqqyldbxxdmpa

Behavioral Study of Users When Interacting with Active Honeytokens

Asaf Shabtai, Maya Bercovitch, Lior Rokach, Ya'akov (Kobi) Gal, Yuval Elovici, Erez Shmueli
2016 ACM Transactions on Privacy and Security  
Active honeytokens are fake digital data objects planted among real data objects and used in an attempt to detect data misuse by insiders.  ...  In this article, we are interested in understanding how users (e.g., employees) behave when interacting with honeytokens, specifically addressing the following questions: Can users distinguish genuine  ...  If we assume that the malicious activity will be detected when an agent misuses a honeytoken, the detection rate equals the probability that each agent received and compromised at least one honeytoken.  ... 
doi:10.1145/2854152 fatcat:mqrcwnye55fslm6tcxdeyk3mku

A Heuristic Reputation Based System to Detect Spam Activities in a Social Networking Platform, HRSSSNP

Manoj Rameshchandra Thakur, Sugata Sanyal
2013 Social Networking  
Moreover activities like spam messages create unnecessary traffic and might affect the user base of a social networking platform.  ...  As a result preventing interactions with malicious intent and spam activities becomes crucial.  ...  similar approaches for spam and malicious agent detection in a social network.  ... 
doi:10.4236/sn.2013.21005 fatcat:bkzwqp3tazhkdklbrvvxkyw4o4

Operational Security Log Analytics for Enterprise Breach Detection

Zhou Li, Alina Oprea
2016 2016 IEEE Cybersecurity Development (SecDev)  
We summarize the algorithms and detection results from our previous work ([13, 20, 21]).  ...  In this paper, we describe a security log analytics framework for proactive breach detection, which we have tested on three applications.  ...  For instance, most user-agent (UA) strings in an enterprise have a large user base, and therefore unpopular UAs are suspicious in this setting.  ... 
doi:10.1109/secdev.2016.015 dblp:conf/secdev/LiO16 fatcat:uiuxac3czvfjpj2lblw5wmhsgm

Detection Of New Attacks On Ubiquitous Services In Cloud Computing And Countermeasures

L. Sellami, D. Idoughi, P. F. Tiako
2017 Zenodo  
This requires the use of security mechanisms to detect malicious behavior in network communications and hosts such as intrusion detection systems (IDS).  ...  Our IDS provides intrusion detection inside and outside cloud computing network. It is a double protection approach: The security user node and the global security cloud computing.  ...  This analysis and detection is based on the user behavior. Fig. 2 shows the framework of IDS activity.  ... 
doi:10.5281/zenodo.1129720 fatcat:g3epxhkbhvc67bbknn356lm6a4

Handsets Malware Threats and Facing Techniques

Marwa M.A, Aliaa A.A, Ebada Sarhan
2011 International Journal of Advanced Computer Science and Applications  
Behavioral-Based Detection: In behavioral-based detection techniques, the behavior of an application is monitored and compared against a set of malicious and/or normal behavior profiles.  ...  users' contact lists and mobility profiles.  ... 
doi:10.14569/ijacsa.2011.021207 fatcat:vqxgtey6hfhz5g7y5y5na2blde

Inner interruption discovery and defense system by using data mining

S. Singaravelan, R. Arun, D. Arunshunmugam, S. Jerina Catherine Joy, D. Murugan
2017 Journal of King Saud University: Computer and Information Sciences  
Network security helps to prevent the network against the intruders from performing malicious activities.  ...  The user's profiles are maintained and compared with the actual dataset using Hellinger distance. A hash function is applied on the incoming messages and they are summarized in the sketch dataset.  ...  In statistical-based IDS, an anomaly score is generated for each activity in comparison with the reference profile.  ... 
doi:10.1016/j.jksuci.2017.09.009 fatcat:cik5abqxszbzpctrsbsatjpdzy

Automatic Derivation and Validation of a Cloud Dataset for Insider Threat Detection

Pamela Carvalllo, Ana R. Cavalli, Natalia Kushik
2017 Proceedings of the 12th International Conference on Software Technologies  
As a proof of concept, we test our model on an airline scheduling application provided by a flight operator, together with proposing realistic threat scenarios for its future detection.  ...  In this paper, we focus on the derivation and validation of the dataset for cloud-based malicious insider threat.  ...  We also have modeled the three profiles with the Factor of being malicious, with different probabilities or discontent.  ... 
doi:10.5220/0006480904800487 dblp:conf/icsoft/CarvallloCK17 fatcat:ek2h6vg455czzky63hw3hysewm