Cyber attacks are increasing in every aspect of daily life. There are a number of different technologies around to tackle cyber-attacks, such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, switches, routers etc., which are active round the clock. These systems generate alerts and prevent cyber attacks. This is not a straightforward solution however, as IDSs generate a huge volume of alerts that may or may not be accurate: potentially resulting in a large number of false positives. In most cases therefore, these alerts are too many in number to handle. In addition, it is impossible to prevent cyber-attacks simply by using tools. Instead, it requires greater intelligence in order to fully understand an adversary's motive by analysing various types of Indicator of Compromise (IoC). Also, it is important for the IT employees to have enough knowledge to identify true positive attacks and act according to the incident response process. In this paper, we have proposed a new threat intelligence technique which is evaluated by analysing honeypot log data to identify behaviour of attackers to find attack patterns. To achieve this goal, we have deployed a honeypot on an AWS cloud to collect cyber incident log data. The log data is analysed by using elasticsearch technology namely an ELK (Elasticsearch, Logstash and Kibana) stack.
The understanding of cyber threats to a network is challenging yet rewarding as it allows an organisation to prevent a potential attack. Numerous efforts have been made to predict cyber threat before they occur. To build a threat intelligence framework, an organisation must understand attack data collected from the network events and analyse them to identify the cyber attack artefacts such as IP address, domain name, tools and techniques, username and password, and geographic location of the attacker, which could be used to understand the nature of attack to a system or network. However, it is very difficult or dangerous to collect and analyse live data from a production system. Honeypot technology is well known for mimicking the real system while collecting actual data that can be in near real time in order to monitor the activities on the network. This paper proposes a threat intelligence approach analysing attack data collected using cloud-based web service in order to support the active threat intelligence.
Cyber-attacks have been an increasing threat on people and organisations, which led to massive unpleasant impact. Therefore, there were many solutions to handle cyber-attacks, including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS). These solutions will provide a huge number of alarms that produce more are false positives. Therefore, the IDS tool result should be operated by a human intelligent be filtered effectively the huge amount of alerts to identify true positive attacks and perform accordingly to the incident response rule. This requires the IT employees to have enough knowledge and competency on operating IDS, IPS and incident handling. This paper aims to examine the awareness of cyber security threat among all IT employees, focusing on three domains: Knowledge, Monitoring and Prevention.
Biometric of Intent (BoI) is a Computer Vision (CV) automation, using Artificial Intelligence (AI) techniques, which presents a new approach that extends the reach of the classic biometric identification process. It provides an efficient mechanism which deters the threats raised by unknown individuals who have deceitful intentions and who aim to deploy unlawful operations such as terrorist attacks. In this context, our proposed BoI model is based on a framework constructed upon an automated machine learning facial expression analysis system which can assist law enforcement agencies who intend to deploy a systematic preventive security approach that aims to reduce the risk of potential unlawful attacks by rogue individuals through the evaluation of their emotional state in relation to their malicious intent.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.