scholarly journals Cyber Threat Ontology and Adversarial Machine Learning Attacks: Analysis and Prediction Perturbance

2021 ◽  
Author(s):  
Abel Yeboah-Ofori ◽  
Umar Mukhtar Ismail ◽  
Tymoteusz Swidurski ◽  
Francisca Opoku-Boateng
Keyword(s):  
Machine Learning ◽  
Cyber Threat

scholarly journals Cyber Threat Prediction with Machine Learning

2020 ◽  
Vol 47 (2) ◽  
pp. 203-220
Author(s):  
Arvid Kok ◽  
Ivana Ilic Mestric ◽  
Giavid Valiyev ◽  
Michael Street
Keyword(s):  
Machine Learning ◽  
Cyber Threat

A Novel Enhanced Naïve Bayes Posterior Probability (ENBPP) Using Machine Learning: Cyber Threat Analysis

2020 ◽  
Author(s):  
Ayan Sentuna ◽  
Abeer Alsadoon ◽  
P. W. C. Prasad ◽  
Maha Saadeh ◽  
Omar Hisham Alsadoon
Keyword(s):  
Machine Learning ◽  
Posterior Probability ◽  
Naive Bayes ◽  
Naïve Bayes ◽  
Threat Analysis ◽  
Cyber Threat

scholarly journals ARTIFICIAL INTELLIGENCE: AN INSTRUMENT ENSURING CYBERSECURITY OF THE FINANCIAL SPHERE OR A CYBER THREAT TO BANKS?

Banking law ◽  
2021 ◽  
Vol 1 ◽  
pp. 35-46
Author(s):  
Svetlana S. Gorokhova ◽  
Keyword(s):  
Artificial Intelligence ◽  
Machine Learning ◽  
Banking Sector ◽  
New Technologies ◽  
Financial Sector ◽  
Security Threats ◽  
Cyber Threat

The article examines the growing risks and security threats faced by the financial sector. This problem is currently most relevant, as the increased demand for security in the banking sector encourages the development and introduction of new technologies (including machine learning and artificial intelligence), while at the same time creating new vulnerable areas and related problems.

scholarly journals inTIME: A Machine Learning-Based Framework for Gathering and Leveraging Web Data to Cyber-Threat Intelligence

Electronics ◽  
2021 ◽  
Vol 10 (7) ◽  
pp. 818
Author(s):  
Paris Koloveas ◽  
Thanasis Chantzios ◽  
Sofia Alevizopoulou ◽  
Spiros Skiadopoulos  ◽  
Christos Tryfonopoulos 
Keyword(s):  
Machine Learning ◽  
Web Sites ◽  
Security Analysts ◽  
Holistic View ◽  
Integrated Framework ◽  
Management Platform ◽  
Threat Intelligence ◽  
Wide Range ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

In today’s world, technology has become deep-rooted and more accessible than ever over a plethora of different devices and platforms, ranging from company servers and commodity PCs to mobile phones and wearables, interconnecting a wide range of stakeholders such as households, organizations and critical infrastructures. The sheer volume and variety of the different operating systems, the device particularities, the various usage domains and the accessibility-ready nature of the platforms creates a vast and complex threat landscape that is difficult to contain. Staying on top of these evolving cyber-threats has become an increasingly difficult task that presently relies heavily on collecting and utilising cyber-threat intelligence before an attack (or at least shortly after, to minimize the damage) and entails the collection, analysis, leveraging and sharing of huge volumes of data. In this work, we put forward inTIME, a machine learning-based integrated framework that provides an holistic view in the cyber-threat intelligence process and allows security analysts to easily identify, collect, analyse, extract, integrate, and share cyber-threat intelligence from a wide variety of online sources including clear/deep/dark web sites, forums and marketplaces, popular social networks, trusted structured sources (e.g., known security databases), or other datastore types (e.g., pastebins). inTIME is a zero-administration, open-source, integrated framework that enables security analysts and security stakeholders to (i) easily deploy a wide variety of data acquisition services (such as focused web crawlers, site scrapers, domain downloaders, social media monitors), (ii) automatically rank the collected content according to its potential to contain useful intelligence, (iii) identify and extract cyber-threat intelligence and security artifacts via automated natural language understanding processes, (iv) leverage the identified intelligence to actionable items by semi-automatic entity disambiguation, linkage and correlation, and (v) manage, share or collaborate on the stored intelligence via open standards and intuitive tools. To the best of our knowledge, this is the first solution in the literature to provide an end-to-end cyber-threat intelligence management platform that is able to support the complete threat lifecycle via an integrated, simple-to-use, yet extensible framework.

scholarly journals Sharing Machine Learning Models as Indicators of Compromise for Cyber Threat Intelligence

2021 ◽  
Vol 1 (1) ◽  
pp. 140-163
Author(s):  
Davy Preuveneers ◽  
Wouter Joosen
Keyword(s):  
Machine Learning ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Learning Models ◽  
Security Threat ◽  
Fine Grained ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence ◽  
Machine Learning Models

Cyber threat intelligence (CTI) sharing is the collaborative effort of sharing information about cyber attacks to help organizations gain a better understanding of threats and proactively defend their systems and networks from cyber attacks. The challenge that we address is the fact that traditional indicators of compromise (IoC) may not always capture the breath or essence of a cyber security threat or attack campaign, possibly leading to false alert fatigue and missed detections with security analysts. To tackle this concern, we designed and evaluated a CTI solution that complements the attribute and tagging based sharing of indicators of compromise with machine learning (ML) models for collaborative threat detection. We implemented our solution on top of MISP, TheHive, and Cortex—three state-of-practice open source CTI sharing and incident response platforms—to incrementally improve the accuracy of these ML models, i.e., reduce the false positives and false negatives with shared counter-evidence, as well as ascertain the robustness of these models against ML attacks. However, the ML models can be attacked as well by adversaries that aim to evade detection. To protect the models and to maintain confidentiality and trust in the shared threat intelligence, we extend our previous research to offer fine-grained access to CP-ABE encrypted machine learning models and related artifacts to authorized parties. Our evaluation demonstrates the practical feasibility of the ML model based threat intelligence sharing, including the ability of accounting for indicators of adversarial ML threats.

scholarly journals Classificacção de Ransomware utilizando Algoritmos de Machine Learning

2021 ◽  
Author(s):  
Adriana Medeiros Pinheiro ◽  
George Tassiano Melo Pereira ◽  
Caio Carvalho Moreira ◽  
Claudomiro de Souza Sales Junior
Keyword(s):  
Machine Learning ◽  
Principal Component Analysis ◽  
Feature Extraction ◽  
Principal Component ◽  
Component Analysis ◽  
Automatic Classification ◽  
Malicious Software ◽  
Cyber Threat

Ransomware is a subset of malware that is growing as a serious cyber threat. This malicious software prevents orlimits users from accessing their system until the ransom is paid.The use of Machine Learning (ML) algorithms has been widely used in automatic classification of these attacks. In this paper,we apply the Principal Component Analysis (PCA) techniqueas feature extraction intending to reduce dimensionality of the dataset, then we explore 11 ML algorithms in order to findthe best classifier for ransomware detection. Five comparisonmethods used in the literature were discussed. Nayes Bayesmethod achieved an Accuracy of 100% in one of the methods.

Sign in / Sign up

Export Citation Format

Share Document