Data Driven Game Theoretic Cyber Threat Mitigation

Robertson, John; Paliath, Vivin; Shakarian, Jana; Thart, Amanda; Shakarian, Paulo

doi:10.1609/aaai.v30i2.19082

Cited by 10 publications

(2 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The accuracy of these models were 99.3%, 98.4%, and 98.8%, respectively, and the MITRE ATT&CK matrix was used to illustrate the outcomes of the malicious le analysis. The authors of the research [12] presented a data-driven security game framework to model an attacker and give the defence policy recommendations. They provide experimental ndings from implementing their framework, for various system con gurations, to real world exploit market data actively mined from the darknet, in addition to giving a formal framework and algorithms to design tactics.…”

Section: Experimental Analysismentioning

confidence: 99%

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

Sangher

Singh

Pandey

2023

Int J Syst Assur Eng Manag

View full text Add to dashboard Cite

As Ransomware encrypts user les to prevent access to infected systems its harmful impacts must be quickly identi ed and remedied. It can be challenging to identify the metrics and parameters to check, especially when using unknown ransomware variants in tests. The proposed work uses machine learning techniques to create a general model that can be used to detect the variations of ransomware families while observing the characteristics of malware. However, early detection is impeded by a dearth of data during the initial phases of an attack, which results in low detection accuracy and a high proportion of false alarms.To overcome these restrictions, our research suggests a revolutionary technique, in machine learning techniques we have proposedRandomClassi er with SMOTE optimizer based on the results received from LazyPredictAutoML and then deep learning algorithm ANN using Root Mean Square Propagation (adam) has been implemented to get the hidden patterns which were not accessible in machine learning approach. Further study focused on improving CNN's performance over RMSProp& Adam, which maintains per-parameter learning rates that are adjusted based on the average of most recent weight gradient magnitudes, using the Adam optimizer. The best option for internet and nonstationary issues is CNN with Adam (e.g. noisy). As gradients grow sparser toward the end of optimization, Adam somewhat surpasses RMSprop. Adam uses CNN and uses the average of the second moments of the gradients (the uncentered variance). The proposed model reported 5.14ms of prediction time and 99.18% accuracy.

show abstract

Section: Experimental Analysismentioning

confidence: 99%

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

Sangher

Singh

Pandey

2023

Int J Syst Assur Eng Manag

View full text Add to dashboard Cite

show abstract

“…This situation has drawn interest in Dark Web-related research in monitoring and extracting information for cyber-threat intelligence [57,58] (CTI) through Dark Web forum analysis [59]. The current works take into account the relationship between suppliers and users and transaction statistic discoveries [60], developing automated approaches for discovering evidence of potential threats within hacker forums to aid in cyber-threat detection [61] and data-driven security game frameworks to model attackers and provide policy recommendations to the defender [62]. The study [63,64] discussed various strategies for monitoring the hidden areas of the Internet and suggested monitoring the DarkNet to find possible dangerous threats and activities [65,66].…”

Section: Literature Reviewmentioning

confidence: 99%

Towards Safe Cyber Practices: Developing a Proactive Cyber-Threat Intelligence System for Dark Web Forum Content by Identifying Cybercrimes

et al. 2023

View full text Add to dashboard Cite

The untraceable part of the Deep Web, also known as the Dark Web, is one of the most used “secretive spaces” to execute all sorts of illegal and criminal activities by terrorists, cybercriminals, spies, and offenders. Identifying actions, products, and offenders on the Dark Web is challenging due to its size, intractability, and anonymity. Therefore, it is crucial to intelligently enforce tools and techniques capable of identifying the activities of the Dark Web to assist law enforcement agencies as a support system. Therefore, this study proposes four deep learning architectures (RNN, CNN, LSTM, and Transformer)-based classification models using the pre-trained word embedding representations to identify illicit activities related to cybercrimes on Dark Web forums. We used the Agora dataset derived from the DarkNet market archive, which lists 109 activities by category. The listings in the dataset are vaguely described, and several data points are untagged, which rules out the automatic labeling of category items as target classes. Hence, to overcome this constraint, we applied a meticulously designed human annotation scheme to annotate the data, taking into account all the attributes to infer the context. In this research, we conducted comprehensive evaluations to assess the performance of our proposed approach. Our proposed BERT-based classification model achieved an accuracy score of 96%. Given the unbalancedness of the experimental data, our results indicate the advantage of our tailored data preprocessing strategies and validate our annotation scheme. Thus, in real-world scenarios, our work can be used to analyze Dark Web forums and identify cybercrimes by law enforcement agencies and can pave the path to develop sophisticated systems as per the requirements.

show abstract

Defending Against Chained Cyber-Attacks by Adversarial Agents

Paliath

Shakarian

2018

Computer Communications and Networks

View full text Add to dashboard Cite

Data Driven Game Theoretic Cyber Threat Mitigation

Cited by 10 publications

References 11 publications

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

Towards Safe Cyber Practices: Developing a Proactive Cyber-Threat Intelligence System for Dark Web Forum Content by Identifying Cybercrimes

Defending Against Chained Cyber-Attacks by Adversarial Agents

Contact Info

Product

Resources

About