Today threat landscape evolving at the rapid rate with many organization continuously face complex and malicious cyber threats. Cybercriminal equipped by better skill, organized and well-funded than before. Cyber Threat Intelligence (CTI) has become a hot topic and being under consideration for many organization to counter the rise of cyber-attacks. The aim of this paper is to review the existing research related to CTI. Through the literature review process, the most basic question of what CTI is examines by comparing existing definitions to find common ground or disagreements. It is found that both organization and vendors lack a complete understanding of what information is considered to be CTI, hence more research is needed in order to define CTI. This paper also identified current CTI product and services that include threat intelligence data feeds, threat intelligence standards and tools that being used in CTI. There is an effort by specific industry to shared only relevance threat intelligence data feeds such as Financial Services Information Sharing and Analysis Center (FS-ISAC) that collaborate on critical security threats facing by global financial services sector only. While research and development center such as MITRE working in developing a standards format (e.g.; STIX, TAXII, CybOX) for threat intelligence sharing to solve interoperability issue between threat sharing peers. Based on the review for CTI definition, standards and tools, this paper identifies four research challenges in cyber threat intelligence and analyses contemporary work carried out in each. With an organization flooded with voluminous of threat data, the requirement for qualified threat data analyst to fully utilize CTI and turn the data into actionable intelligence become more important than ever. The data quality is not a new issue but with the growing adoption of CTI, further research in this area is needed.
Wireless Body Area Network (WBAN) refers to a group of small intelligent electronic devices placed on the human body to monitor its vital signals. the efficiency of network performance in health care applications is one of the most important prerequisites for designing an effective surveillance system. However, none of the previous studies have succeeded in proposing an effective scheme that could cover the requirements for effective network performance or the development of the WBAN system capable of sending and receiving vital patient data efficiently. The aim of this paper is to enhance the performance of the network in WBAN. In addition, to verify the transfer of patient data from sensors on the body to receivers with the least value of possible packet loss, a solution is developed that can reduce the value of packet loss, end to end delay and increase the value of throughput, relying on confirmation and matching data between the sender and receiver devices. A new scheme known as the Identification Key Scheme (IKS) is proposed based on the newly available 402-405 MHz Medical Implant Communication Service (MICS). The analysis of the network performance was implemented in real WBAN dataset and used the Multi-Parameter Intelligent Monitoring for Intensive Care (MIMIC) database. MIMIC database included the data recorded from 90 Intensive Care Unit (ICU) patients. In this study, OMNET++ was used as the network simulation tool to design and evaluate the proposed scheme. The results showed that IKS was able to reduce number of packet loss and end to end delay with increased throughput. This is an indicator of the ability of IKS in providing efficient network performance between devices in the WBAN application.
Satisfactory cybersecurity protection, encompassing all data security solutions, can only be achieved by adopting a cybersecurity framework that provides a structure and methodology for protecting critical digital assets. In addition, security experts recommend using cybersecurity standards which consist of a collection of best practices to protect organizations from cyber threats. However, many organizations, companies and governments lack experienced personnel in the cybersecurity domain, so they have difficulty adopting a standard approach or cybersecurity framework. Protecting organizations from cyber threats while demonstrating compliance with laws and standards is seen as extremely complex due to the difficulty on choosing the appropriate standard to be used. Moreover, lack of knowledge on the elements needed that offered by the standard is lead to the problem on identifying the started point where the protection will be began. Therefore, in this paper, a literature and the analysis is presented in identifying the elements of cybersecurity standard and framework that can be facilitate the organization or government on choosing the appropriate standard and framework to be used and utilized. The literature review was carried out to understand the various types of cybersecurity standards and frameworks and the analysis is conducted to identify the elements in each of them. In this paper, eight steps are presented and include the types of international standards, which are general, local regulation, as well as specific standards used in the industrial sector, to conclude the findings of the analysis. Furthermore, a relation map is presented using Writing a Literature Review release 2.0 approach to show the relationship between the literature review and future research.
Digital crime inflicts immense damage to users and systems and now it has reached a level of sophistication that makes it difficult to track its sources or origins especially with the advancements in modern computers, networks and the availability of diverse digital devices. Forensic has an important role to facilitate investigations of illegal activities and inappropriate behaviors using scientific methodologies, techniques and investigation frameworks. Digital forensic is developed to investigate any digital devices in the detection of crime. This paper emphasized on the research of traceability aspects in digital forensic investigation process. This includes discovering of complex and huge volume of evidence and connecting meaningful relationships between them. The aim of this paper is to derive a traceability index as a useful indicator in measuring the accuracy and completeness of discovering the evidence. This index is demonstrated through a model (TraceMap) to facilitate the investigator in tracing and mapping the evidence in order to identify the origin of the crime or incident. In this paper, tracing rate, mapping rate and offender identification rate are used to present the level of tracing ability, mapping ability and identifying the offender ability respectively. This research has a high potential of being expanded into other research areas such as in digital evidence presentation.
The increase of malware attacks may increase risk in information technology industry such as Industrial Revolution 4.0 that consists of multiple sectors especially in cyber security. Because of that malware detection technique plays vital role in detecting malware attack that can give high impact towards the cyber world. In accordance with the technique, one of unsupervised machine learning able to detect malware attack by identifying the behavior of the malware; which called clustering technique. Owing to this matter, current research shows a paucity of analysis in detecting malware behavior and limited source that can be used in identifying malware attacks. Thus, this paper introduce clustering detection model by using K-Means clustering approach to detect malware behavior of data registry based on the features of the malware. Clustering techniques that use unsupervised algorithm in machine learning plays an important role in grouping similar malware characteristics by studying the behavior of the malware. Throughout the experiment, malware features were selected and extracted from computer registry data and eventually used in the proposed clustering detection model to be clustered as normal or suspicious behavior. The results of the experiment indicates that this proposed model is capable to cluster normal and suspicious data into two separate groups with high detection rate which is more than 90 percent accuracy. Ultimately, the main contribution based on the findings is the proposed framework can be used to cluster the data with the use of data registry to detect malware.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.