Metadata-Driven Threat Classification of Network Endpoints Appearing in Malware [chapter]

Andrew G. West, Aziz Mohaisen
2014 Lecture Notes in Computer Science  
Our analysis focuses on endpoints' static metadata properties and not network payloads or routing dynamics.  ...  Performance validates this straightforward approach, achieving 99.4% accuracy at binary threat classification and 93% accuracy on the more granular task of severity prediction.  ...  Acknowledgments We thank Verisign iDefense team members Ryan Olsen and Trevor Tonn for their assistance in obtaining and interpreting the malware corpus.  ... 
doi:10.1007/978-3-319-08509-8_9 fatcat:5ccxoe62ozca7dvbvmqh4n4koa

Learning from Context: Exploiting and Interpreting File Path Information for Better Malware Detection [article]

Adarsh Kyadige, Ethan M. Rudd, Konstantin Berlin
2019 arXiv   pre-print
To ensure realistic evaluation, we use a dataset of approximately 10 million samples -- files and file paths from user endpoints of an actual security vendor network.  ...  We find that our model learns useful aspects of the file path for classification, while also learning artifacts from customers testing the vendor's product, e.g., by downloading a directory of malware  ...  for Android malware classification and [3], in which Bai et al. used multi-view ensembles for PE malware detection.  ... 
arXiv:1905.06987v1 fatcat:e46n6oxt6raidbiwu2pohhiwby

Cyber Supply Chain Threat Analysis and Prediction using Machine Learning and Ontology

Abel Yeboah-Ofori, Haralambos Mouratidis, Umar Ismail, Shareeful Islam, Spyridon Papastergiou
2021 Zenodo  
Cyber Supply Chain (CSC) security requires a secure integrated network among the sub-systems of the inbound and outbound chains.  ...  This paper presents a unique approach that advances the current state of the art on CSC threat analysis and prediction by combining work from three areas: Cyber Threat Intelligence (CTI), Ontologies,  ...  The results of this paper reflect only the authors' view and the Commission is not responsible for any use that may be made of the information it contains.  ... 
doi:10.5281/zenodo.5060198 fatcat:76kvv7iy4rdnlao4kqsuio2e6q

Computer activity learning from system call time series [article]

Curt Hastings, Ronnie Mainieri
2017 arXiv   pre-print
Tested on malware classification, it significantly outperforms current state of the art.  ...  With the system we estimate the total number of malware families created over the last 10 years as 3450, in line with reasonable economic constraints.  ...  At an FPR of 1%, the same system achieves an F1 score of 0.952. Another approach that appears well suited to identifying malware with system calls employs LSTM networks.  ... 
arXiv:1711.02088v1 fatcat:xo34by3ivveptmgfompgxg6o2u

Ask Me Anything: A Conversational Interface to Augment Information Security Workers [article]

Bobby Filar, Richard J. Seymour, Matthew Park
2017 arXiv   pre-print
In this paper we present Artemis, a conversational interface to endpoint detection and response (EDR) event data.  ...  Security products often create more problems than they solve, drowning users in alerts without providing the context required to remediate threats.  ...  INTRODUCTION Across industries organizations are faced with the growing threat of computer network attacks.  ... 
arXiv:1707.05768v1 fatcat:4mh7umsef5bb7hfgynlx25cnfa

Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence [article]

Vasileios Mavroeidis, Siri Bromander
2021 arXiv   pre-print
Benefits of threat intelligence include increased situational awareness, efficiency in security operation centers, and improved prevention, detection, and response capabilities.  ...  Cyber threat intelligence is the provision of evidence-based knowledge about existing or potential threats.  ...  When a new set of process actions with malicious behaviors appears (input from transformed log files), the ontology can be queried by inference to see if an instance of suspicious execution is linked to a malware  ... 
arXiv:2103.03530v1 fatcat:2w7dyolppvhexjykmjti6yewly

An Analysis of Malware Trends in Enterprise Networks [article]

Abbas Acar, Long Lu, A. Selcuk Uluagac, Engin Kirda
2019 arXiv   pre-print
because on average 40% of the malware samples, when they first appear, are not detected by most AVs on VirusTotal or are not uploaded to VT at all (i.e., never yet seen in the wild).  ...  malware attacks are triggered during the off-times of the employees to be able to silently spread over the networks.  ...  Yajin Zhou for their comments and suggestions, which significantly improved the quality and presentation of this paper.  ... 
arXiv:1910.00508v1 fatcat:mxt72fplsvdh7m3zycarsestm4

Davis Mirilla Dissertation on Impact Task Disengagement in Cyber Security.pdf

Davis Mirilla
2019 Figshare  
Over recent decades, we have moved our workflows, record management, and communications into digital formats driven by computational algorithms that run on the global Internet infrastructure.  ...  This study investigates the effects of Task Disengagement among SOC Analysts, triggered by the stressful workplace of a typical SOC environment.  ...  ACKNOWLEDGEMENTS In completing this work, I want to acknowledge the support I enjoyed from members of Faculty, Seidenberg College in Pace University, members of my family, my employers and a small but  ... 
doi:10.6084/m9.figshare.9785363.v1 fatcat:po66obagnjb6jgnqaso65hybw4

Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection

Luca Caviglione, Michal Choras, Igino Corona, Artur Janicki, Wojciech Mazurczyk, Marek Pawlicki, Katarzyna Wasielewska
2020 IEEE Access  
On this basis, we review the evolution of modern threats in communication networks, with a particular focus on the techniques employing information hiding.  ...  The survey is concluded with the description of potential future research directions in the field of malware detection.  ...  Despite the good accuracy, even the use of DL-based techniques appeared to be of scarce effectiveness in the presence of threats using complex code obfuscation.  ... 
doi:10.1109/access.2020.3048319 fatcat:tatdk6pzczgp3aylvbxoxabuta

Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence

Vasileios Mavroeidis, Siri Bromander
2017 2017 European Intelligence and Security Informatics Conference (EISIC)  
Benefits of threat intelligence include improved efficiency and effectiveness in security operations in terms of detective and preventive capabilities.  ...  Threat intelligence is the provision of evidence-based knowledge about existing or potential threats.  ...  The current most common bases for attribution claims include [41] timestamps in executable files; strings, debug paths, and metadata in binary sources such as malware and infected documents; reuse of  ... 
doi:10.1109/eisic.2017.20 dblp:conf/eisic/MavroeidisB17 fatcat:rvhnodachjf33gmosmpuytbspq
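The snippet above lists the usual raw inputs for attribution claims: compile timestamps in executables, and strings, debug paths and other metadata inside the binaries. The following is an added example written for this listing, not code from Mavroeidis and Bromander or from reference [41], showing how those three artifacts are pulled out of a PE file with the standard library only. The sample binary it parses is constructed inline (a DOS stub, a COFF header and a CodeView RSDS record; not a real executable), the PDB path and URL in it are invented, and locating the RSDS record by scanning for its magic rather than walking the debug data directory is a shortcut that real tooling should not take.

```python
import json
import re
import struct
import time
from datetime import datetime, timezone

# Offsets and layouts from the PE/COFF specification.
E_LFANEW_OFFSET = 0x3C          # DOS header field holding the offset of "PE\0\0"
COFF_HEADER_FMT = "<HHIIIHH"    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
                                # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
RSDS_HEADER_LEN = 4 + 16 + 4    # "RSDS" magic + GUID + Age, followed by a NUL-terminated PDB path


def build_sample(timestamp: int) -> bytes:
    """Constructed stand-in for a PE file (not a real binary): just enough header for the
    parser, an embedded RSDS record whose PDB path leaks a username, and a C2-looking URL."""
    dos = b"MZ" + b"\0" * (E_LFANEW_OFFSET - 2) + struct.pack("<I", 0x80)
    dos = dos.ljust(0x80, b"\0")
    coff = b"PE\0\0" + struct.pack(COFF_HEADER_FMT, 0x8664, 3, timestamp, 0, 0, 0, 0x22)
    codeview = (b"RSDS" + bytes(range(16)) + struct.pack("<I", 1)
                + b"C:\\Users\\dev\\proj\\Release\\dropper.pdb\0")
    payload = b"\0" * 32 + codeview + b"\0" * 8 + b"http://example.invalid/gate.php\0"
    return dos + coff + payload


def timestamp_plausible(ts: int, now: int = 0) -> bool:
    """A zero timestamp (MinGW/older GCC, or deliberately wiped) or one in the future cannot
    serve as a build-time indicator on its own; MSVC's /Brepro replaces the field with a
    content hash, which also tends to fail this check. Only the timestamp is judged here."""
    now = int(time.time()) if now == 0 else now
    return 0 < ts <= now


def parse_pe_attribution_artifacts(data: bytes) -> dict:
    """Extract the attribution-relevant artifacts named in the paper: the COFF compile
    timestamp, the CodeView PDB (debug) path, and printable strings of six or more bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, E_LFANEW_OFFSET)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    machine, _, ts, _, _, _, _ = struct.unpack_from(COFF_HEADER_FMT, data, e_lfanew + 4)

    # Shortcut: scan for the RSDS magic instead of walking IMAGE_DIRECTORY_ENTRY_DEBUG.
    pdb_path = None
    idx = data.find(b"RSDS")
    if idx != -1:
        start = idx + RSDS_HEADER_LEN
        end = data.find(b"\0", start)
        if end != -1:
            pdb_path = data[start:end].decode("ascii", errors="replace")

    strings = [m.group().decode("ascii") for m in re.finditer(rb"[\x20-\x7e]{6,}", data)]
    return {
        "machine": hex(machine),
        "compile_time": datetime.fromtimestamp(ts, tz=timezone.utc).isoformat(),
        "timestamp_plausible": timestamp_plausible(ts),
        "pdb_path": pdb_path,
        "strings": strings,
    }


if __name__ == "__main__":
    print(json.dumps(parse_pe_attribution_artifacts(build_sample(1500000000)), indent=2))
```

The plausibility flag is the caveat a practitioner would add: every one of these fields is attacker-controlled, so a timestamp, a PDB path or a language string is a lead to corroborate against infrastructure and code-reuse evidence, never a conclusion by itself.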

Experimental Cyber Attack Detection Framework

Cătălin Mironeanu, Alexandru Archip, Cristian-Mihai Amarandei, Mitică Craus
2021 Electronics  
The variety of threats and attack patterns has dramatically increased with the advent of digital transformation in our lives.  ...  By integrating offline results in real-time traffic analysis, we could determine the type of network access as a legitimate or attack pattern, and discard/drop the latter.  ...  Gheorghiță is a system and network engineer at the "Gheorghe Asachi" Technical University of Iasi, Romania.  ... 
doi:10.3390/electronics10141682 fatcat:h4tpj4ihkvfanhn6fpmwkjwqjy

Malicious Network Traffic Detection via Deep Learning: An Information Theoretic View [article]

Erick Galinkin
2020 arXiv   pre-print
This means that for some datasets and tasks, neural networks require meaningful, human-driven feature engineering or changes in architecture to provide enough information for the neural network to generate  ...  We consider an Android malware traffic dataset for approaching this problem.  ...  As such, we need to leverage this same machine learning technology to perform endpoint-agnostic network detection of malware threats.  ... 
arXiv:2009.07753v1 fatcat:fqn2q67rk5cl7m7kapdevkibvi

Beyond the virus: a first look at coronavirus-themed Android malware

Liu Wang, Ren He, Haoyu Wang, Pengcheng Xia, Yuanchun Li, Lei Wu, Yajin Zhou, Xiapu Luo, Yulei Sui, Yao Guo, Guoai Xu
2021 Empirical Software Engineering  
In this paper, we present the first systematic study of coronavirus-themed Android malware.  ...  Furthermore, only a quarter of the COVID-19 malware creators are habitual developers who have been active for a long time, while 75% of them are newcomers in this pandemic.  ...  Acknowledgements This work was supported by the National Natural Science Foundation of China (grant numbers 62072046 and 61702045) and Hong Kong RGC Projects (No. 152279/16E, CityU C1008-16G).  ... 
doi:10.1007/s10664-021-09974-4 pmid:34149303 pmcid:PMC8196937 fatcat:nbhdypizhnfiplmehxtbdyxvni

Identifying Symmetric-Key Algorithms Using CNN in Intel Processor Trace

Wooyeol Yang, Yongsu Park
2021 Electronics  
In particular, CNNs (convolution neural networks) are deep-learning algorithms with superior performance, as compared to existing machine-learning algorithms in image classification.  ...  Recently, various studies have been underway to identify cryptography algorithms in malware or ransomware that use anti-reversing technology via deep-learning technology.  ...  According to the application delivery networking company F5 Inc., malware makers encrypt their own malware so that it is not detected by most malware detectors [9] .  ... 
doi:10.3390/electronics10202491 fatcat:yjvi25e5ijdqbj5wm2ij6ha27i

Beyond the Virus: A First Look at Coronavirus-themed Mobile Malware [article]

Liu Wang, Ren He, Haoyu Wang, Pengcheng Xia, Yuanchun Li, Lei Wu, Yajin Zhou, Xiapu Luo, Yulei Sui, Yao Guo, Guoai Xu
2021 arXiv   pre-print
In this paper, we present the first systematic study of coronavirus-themed Android malware.  ...  Furthermore, only a quarter of the COVID-19 malware creators are habitual developers who have been active for a long time, while 75% of them are newcomers in this pandemic.  ...  In this work, we follow the malware categories provided by Microsoft [22] for COVID-19 themed malware classification.  ... 
arXiv:2005.14619v3 fatcat:qhv3nk6ad5bovo4yjbxqquzz3y