Digital security plays an ever-increasing, crucial role in today’s information-based society. The variety of threats and attack patterns has dramatically increased with the advent of digital transformation in our lives. Researchers in both public and private sectors have tried to identify new means to counteract these threats, seeking out-of-the-box ideas and novel approaches. Amongst these, data analytics and artificial intelligence/machine learning tools seem to gain new ground in digital defence. However, such instruments are used mainly offline with the purpose of auditing existing IDS/IDPS solutions. We submit a novel concept for integrating machine learning and analytical tools into a live intrusion detection and prevention solution. This approach is named the Experimental Cyber Attack Detection Framework (ECAD). The purpose of this framework is to facilitate research of on-the-fly security applications. By integrating offline results in real-time traffic analysis, we could determine the type of network access as a legitimate or attack pattern, and discard/drop the latter. The results are promising and show the benefits of such a tool in the early prevention stages of both known and unknown cyber-attack patterns.
Our results revealed an unexpected heterogeneity in the area. We believe that populations from some regions will require treatment as distinct entities when considered in forensic applications.
Data controller organizations are required to keep an up-to-date and detailed list of their processing activities and be prepared to show that list to regulators upon request. This list should include at least the purposes of the processing, the target data and all the parties involved in handling that data. We present a solution for organizing all these information into both relational and non-relational document-oriented databases to facilitate such reports. A technical approach of auditing the implementation degree of the rules introduced by the EU GDPR will better prepare the data controllers in complying to this Regulation. We consider a top-down methodology for processing raw data addressing several types of organizations, with different organizational structures. For all these entities we focus on processes, activities, classes of documents collected and personal data. All these data constitute the basis of the “Records of processing activities” required by the Regulation.
Designing a security solution should rely on having a good knowledge of the protected assets and better develop active responses rather than focus on reactive ones. We argue and prove that malicious activities such as vulnerabilities exploitation and (D)DoS on Web applications can be detected during their respective initial phases. While they may seem distinct, both attack scenarios are observable through abnormal access patterns. Following on this remark, we first analyze Web access logs using association rule mining techniques and identify these malicious traces. This new description of the historical data is then correlated with Web site structure information and mapped over trie data structures. The resulted trie is then used for every new incoming request and we thus identify whether the access pattern is legitimate or not. The results we obtained using this proactive approach show that the potential attacker is denied the required information for orchestrating successful assaults.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.