1,696 Hits in 4.0 sec

Exploitation of Semantic Keywords for Malicious Event Classification [article]

Hyungtae Lee and Sungmin Eum and Joel Levis and Heesung Kwon and James Michaelis and Michael Kolodny
2017 arXiv   pre-print
We further show that incorporating the keyword-driven information into early- and late-fusion approaches can significantly enhance malicious event classification.  ...  Motivated by this observation, we aim to provide an empirical study about how additional information such as semantic keywords can boost up the discrimination of such events.  ...  We provide the community with novel findings based on the empirical study, which verifies the practicality of explicitly using the semantic keyword information for malicious event classification.  ... 
arXiv:1610.06903v2 fatcat:uchwzfrda5b5joar6uxra2wb5q

IOD-CNN: Integrating Object Detection Networks for Event Recognition [article]

Sungmin Eum, Hyungtae Lee, Heesung Kwon, David Doermann
2017 arXiv   pre-print
Many previous methods have showed the importance of considering semantically relevant objects for performing event recognition, yet none of the methods have exploited the power of deep convolutional neural  ...  We present a novel unified deep CNN architecture which integrates architecturally different, yet semantically-related object detection networks to enhance the performance of the event recognition task.  ...  INTRODUCTION To better perform event or action recognition, recently introduced approaches have exploited the importance of considering semantically relevant and distinctive objects.  ... 
arXiv:1703.07431v1 fatcat:h5hjy67gbjdv3p2bq5vwjza3da

More Semantics More Robust

Wei Chen, David Aspinall, Andrew D. Gordon, Charles Sutton, Igor Muttik
2016 Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks - WiSec '16  
By comparing their classification performance on industrial datasets collected across several years, we demonstrate that using semanticsbased features can dramatically improve robustness of malware classifiers  ...  We extract the best-performing syntaxbased features like permissions and API calls, and some semantics-based features like happen-befores and unwanted behaviours, and train classifiers using popular supervised  ...  We will show that semantics-based features dramatically improve the classification performance of the detection of new malware and achieve the best classification performance on the testing dataset for  ... 
doi:10.1145/2939918.2939931 dblp:conf/wisec/ChenAGSM16 fatcat:gpk6xcgkcnh3vdtzc7lund4gnq

Semantics-aware detection of targeted attacks: a survey

Robert Luh, Stefan Marschalek, Manfred Kaiser, Helge Janicke, Sebastian Schrittwieser
2016 Journal in Computer Virology and Hacking Techniques  
To overcome these obstacles, we present a structured review of semantics-aware works that have a high potential for contributing to the analysis or detection of targeted attacks.  ...  In conclusion, we combine new insights and the status quo of current research into the concept of an ideal systemic approach capable of semantically processing and evaluating information from different  ...  The financial support by the Austrian Federal Ministry of Science, Research and Economy and the National Foundation for Research, Technology and Development is gratefully acknowledged.  ... 
doi:10.1007/s11416-016-0273-3 fatcat:flhbpc4uwbandby2adxi62t64u

Malicious PDF Detection Model against Adversarial Attack Built from Benign PDF Containing JavaScript

Ah Reum Kang, Young-Seob Jeong, Se Lyeong Kim, Jiyoung Woo
2019 Applied Sciences  
The proposed model is evaluated against a large collection of malicious and benign PDFs.  ...  We found that random forest, an ensemble algorithm of a decision tree, exhibits a good performance on malware detection and is robust for adversarial samples.  ...  JavaScript in PDF is used for changing document contents in response to some events and restricting the actions of the reader.  ... 
doi:10.3390/app9224764 fatcat:zr7tded7ibduvllyl3wicazwf4

Vulnerability Signatures with Application Classification & Performance Enhancement for IDS/IPS

Arpita D. Patel
2017 International Journal for Research in Applied Science and Engineering Technology  
A vulnerability signature matches all exploits of a given vulnerability, even polymorphic or metamorphic variants.  ...  The challenge here is not only to be able to actively monitor large numbers of systems but also to be able to react quickly to different events.  ...  It analyzes the incoming network traffic for malicious activities.  ... 
doi:10.22214/ijraset.2017.10056 fatcat:5jheh4vpmbhq7pxtp4d5b2msna

SAFE-PDF: Robust Detection of JavaScript PDF Malware Using Abstract Interpretation [article]

Alexander Jordan and François Gauthier and Behnaz Hassanshahi and David Zhao
2018 arXiv   pre-print
The popularity of the PDF format and the rich JavaScript environment that PDF viewers offer make PDF documents an attractive attack vector for malware developers.  ...  Currently, state-of-the-art tools either: (1) statically identify PDF malware based on structural similarity to known malicious samples; or (2) dynamically execute the code to detect malicious behavior  ...  Acknowledgment The authors would like to thank Phil Boutros and Joe Keslin from the Oracle Clean Content team for their support.  ... 
arXiv:1810.12490v1 fatcat:w3y3qvejonhelekdwnepotwggi

Understanding multistage attacks by attack-track based visualization of heterogeneous event streams

S. Mathew, R. Giomundo, S. Upadhyaya, M. Sudit, A. Stotz
2006 Proceedings of the 3rd international workshop on Visualization for computer security - VizSEC '06  
We perform aggregation and correlation of these events based on their semantic content to generate Attack Tracks that are displayed to the analyst in real-time.  ...  Our tool, called the Event Correlation for Cyber-Attack Recognition System (EC-CARS) enables the analyst to distinguish and separate an evolving multistage attack from the thousands of events generated  ...  We also express our gratitude to Alion Science and Technology for their contributions to this research.  ... 
doi:10.1145/1179576.1179578 dblp:conf/vizsec/MathewGUSS06 fatcat:7xvt7ywb45ehtcjlfnubilloem

Social Signal Processing for Real-Time Situational Understanding: A Vision and Approach

Kasthuri Jayarajah, Shuochao Yao, Raghava Mutharaju, Archan Misra, Geeth De Mel, Julie Skipper, Tarek Abdelzaher, Michael Kolodny
2015 2015 IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems  
This paper presents a vision of how social media sources can be exploited in the above context to obtain insights about events, groups, and their evolution.  ...  The goal is to develop an information processing framework to help the military obtain real-time situational awareness of physical events by harnessing the combined power of multiple sensing sources to  ...  Department of Energy and the U.S. AFRL. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon.  ... 
doi:10.1109/mass.2015.89 dblp:conf/mass/JayarajahYMMMSA15 fatcat:jniyy7oy6vaqxht3u3i7tg7cby

Automating Penetration Testing Within Ambiguous Testing Environment

Lim Kah Seng, Norafida Ithnin, Syed Zainudeen Mohd Shaid
2018 International Journal of Innovative Computing  
Thus, in this paper, the state-of-the-art of black box web application security scanner is systematically reviewed, to investigate the approaches for detecting web application vulnerability in an ambiguous  ...  The computer was assigned the task of penetrating web application security with penetration testing technique.  ...  These algorithms extract semantics of web forms. Afterward, retrieve suitable input value from a library by searching for the matched keywords using string distance calculation algorithm.  ... 
doi:10.11113/ijic.v8n3.180 fatcat:alfz4ftlnzau3d2czw7p625ika

Distributional Semantics Approach to Detect Intent in Twitter Conversations on Sexual Assaults [article]

Rahul Pandey, Hemant Purohit, Bonnie Stabile, Aubrey Grant
2018 arXiv   pre-print
We then present and evaluate a malicious intent classification model for a Twitter post using semantic features of the intent senses learned with the help of convolutional neural networks.  ...  Lastly, we analyze a Twitter dataset of four months using the intent classification model to study narrative contexts in which malicious intents are expressed and discuss their implications for gender  ...  The specific contributions of this study are the following: 1) We propose a novel malicious intent typology and an intent classification method using distributional semantics for social media messages.  ... 
arXiv:1810.01012v1 fatcat:qpybej2675dendbuai2re2jl3u

What are the attackers doing now? Automating cyber threat intelligence extraction from text on pace with the changing threat landscape: A survey [article]

Md Rayhanur Rahman, Rezvan Mahdavi-Hezaveh, Laurie Williams
2021 arXiv   pre-print
Our work finds ten types of extraction purposes, such as extraction indicators of compromise extraction, TTPs (tactics, techniques, procedures of attack), and cybersecurity keywords.  ...  The goal of this article is to aid cybersecurity researchers understand the current techniques used for cyberthreat intelligence extraction from text through a survey of relevant studies in the literature  ...  The process of extracting IoCs, attack patterns, and cyberthreat event information from text includes the process of CTI-related text classification and keyword extraction.  ... 
arXiv:2109.06808v1 fatcat:tgb7swrslnhppbpg24cyub2sr4

PDF-Malware Detection: A Survey and Taxonomy of Current Techniques [chapter]

Michele Elingiusti, Leonardo Aniello, Leonardo Querzoni, Roberto Baldoni
2018 Advances in Information Security  
This paper surveys existing state of the art about systems for the detection of malicious PDF files and organizes them in a taxonomy that separately considers the used approaches and the data analyzed  ...  Analyzing the content of malicious PDF files to extract the main features that characterize the malware identity and behavior, is a fundamental task for modern threat intelligence platforms that need to  ...  Acknowledgments This present work has been partially supported by a grant of the Italian Presidency of Ministry Council, and by CINI Cybersecurity National Laboratory within the project FilieraSicura:  ... 
doi:10.1007/978-3-319-73951-9_9 fatcat:3dr2jno6gfch5fgqec3bfax75q

Cross-Context News Corpus for Protest Event-Related Knowledge Base Construction

Ali Hürriyetoğlu, Erdem Yörük, Osman Mutlu, Fırat Duruşan, Çağrı Yoltar, Deniz Yüret, Burak Gürel
2021 Data Intelligence  
For each news source, the annotation starts with random samples of news articles and continues with samples drawn using active learning.  ...  We describe a gold standard corpus of protest events that comprise various local and international English language sources from various countries.  ...  Erdem Yörük for his project Emerging Welfare. Çagrı Yoltar is a post-doctoral fellow and the project leader of the "Emerging Welfare" project at Koç University, Turkey.  ... 
doi:10.1162/dint_a_00092 fatcat:zgylu5yjmjev7jqasvi27isnmq

Colored Petri nets as the enabling technology in intrusion detection systems

A. Dolgikh, T. Nykodym, V. Skormin, J. Antonakos, M. Baimukhamedov
2011 2011 - MILCOM 2011 Military Communications Conference  
It constitutes the enabling technology for the described IDS approach, and has many additional applications for modeling and monitoring complex hierarchical systems of discrete events.  ...  After that API functions are combined into malicious functionalities, indicative of malware attack, also using CPN. The advantages of CPN utilization for dynamic code analysis are described.  ...  program classification.  ... 
doi:10.1109/milcom.2011.6127481 dblp:conf/milcom/DolgikhNSAB11 fatcat:jqm76mw3uza3hi5to6ekeiycxa
« Previous Showing results 1 — 15 out of 1,696 results