Improving Forensic Triage Efficiency through Cyber Threat Intelligence

Serketzis, Nikolaos; Katos, Vasilios; Ilioudis, Christos; Baltatzis, Dimitrios; Pangalos, George

doi:10.3390/fi11070162

Cited by 15 publications

(8 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Extended next level research was also conducted in 2019 which was improved version in the study of "A Generic Digital Forensic Readiness Model for BYOD using Honeypot Technology [23]". Also in same direction Intelligent Threat Platform was another study for detecting the incident where accuracy has been analyzed [25]. To increases the accuracy level of malicious activities using audit logs collected from Intelligent Threat sources, accuracy has been analyzed as 90.73%, 96.16 and 93.71% [25].…”

Section: ) Deception Technologymentioning

confidence: 99%

See 1 more Smart Citation

Security Challenges and Cyber Forensic Ecosystem in IoT Driven BYOD Environment

et al. 2020

View full text Add to dashboard Cite

The usage of Internet of Things (IoT)/ Bring Your Own Devices (BYOD) has grown up exponentially, as expected 50 Billion IoT devices by the end of 2020 in the world in smart city environment. Advancement of Human Driven Edge Computing (HEC) with 5 th Generation Internet services also makes this more feasible. Use of IoT and increased demand of IoT/BYOD becomes one of the fundamental needs to increase the organization employee productivity and business agility. But it increased the significant risk of the cyber-attack which is leading a major reason for business disruption and becomes a leading question about getting a cyber secured citizenship in the smart city environment. In order to conduct forensic investigation post incident detection of malicious activities from IoT/BYOD end point is most challenging task. Secured on boarding of untrusted IoT/BYOD end points in the corporate network and detection of threats from this area and security control mechanism required a continuous new abstraction to battle with new threat landscape. A strategic practical approach in this research is presented to detect malicious activities so that organization can adopt to protect the critical and smart city infrastructure. In order to achieve the goal of detecting of malicious activities in IoT/BYOD environment, simulation performed in 3 phases. The 1st phase of the sample performed while BYOD endpoint was outside the organization over the internet without VPN. The 2 nd phase of the simulation was performed where BYOD endpoint was securely onboarded using a corporate wireless network with a secured onboarding process. The 3 rd phase of the test done where IoT/BYOD was outside the organization with a VPN. A unique robust scalable model puts forward with significant result in conclusion for creating a cyber forensic ecosystem in IoT/BYOD environment to enable cyber secured citizenship in era of HEC with 5G and IoT.

show abstract

Section: ) Deception Technologymentioning

confidence: 99%

“…Also in same direction Intelligent Threat Platform was another study for detecting the incident where accuracy has been analyzed [25]. To increases the accuracy level of malicious activities using audit logs collected from Intelligent Threat sources, accuracy has been analyzed as 90.73%, 96.16 and 93.71% [25].…”

Section: ) Deception Technologymentioning

confidence: 99%

Security Challenges and Cyber Forensic Ecosystem in IoT Driven BYOD Environment

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Based on this naive approach, Eberle et al [41] proposed a detector algorithm that applied the graph-based anomaly detection technique, as well as an anomalous insertion, modification, and deletion environment. The authors derived the main features, such as the calculation of real intelligence specific [42] to malicious insiders, and directed their focus towards the capture of insiders in the real world. The authors also derived the formation of synthetic security data applicable to each organization, involving reasonable computational overhead due to the improved algorithm.…”

Section: Insider Threats Based On Non-machine Learning Approach: Statistical Schemementioning

confidence: 99%

Study on Inside Threats Based on Analytic Hierarchy Process

Seo

Kim

2020

Symmetry

View full text Add to dashboard Cite

Insider threats that occur within organizations cause more serious damage than external threats. However, there are many factors that are difficult to determine, such as the definition, classification, and severity of security breaches; hence, it is necessary to analyze system logs and user behavior-based scenarios within organizations. The reality is that qualitative judgment criteria are different for everyone to apply, and there is no detailed verification procedure to compare them objectively. In this study, realistic insider threats were examined through the definition, classification, and correlation/association analysis of various human–machine logs of acts associated with security breaches that occur in an organization. In addition, a quantitative process and decision-making tool were developed for insider threats by establishing various internal information leakage scenarios. As a result, insider threats were assessed quantitatively and a decision-making process was completed that enabled case analysis based on several insider threat scenarios. This study will enable precise modeling of insider threats that occur in real organizations and will support an objective process and a decision-making system to establish a range of required information for security protection measures.

show abstract

“…The attack lasted for three weeks, disrupting emails, real estate sales, water bills, health alerts, and several other services. The annual cost of suffering is increasing rapidly; in fact, the experts have projected it to rise to $6 trillion by 2021 1 [5], [6], [7]. Computer forensics techniques are used in civil, administrative, and criminal cases; however, an intelligent selection of tools is vital in criminal investigations.…”

Section: Introductionmentioning

confidence: 99%

A Comprehensive Survey on Computer Forensics: State-of-the-Art, Tools, Techniques, Challenges, and Future Directions

et al. 2022

View full text Add to dashboard Cite

With the alarmingly increasing rate of cybercrimes worldwide, there is a dire need to combat cybercrimes timely and effectively. Cyberattacks on computing machines leave certain artifacts on target device storage that can reveal the identity and behavior of cyber-criminals if processed and analyzed intelligently. Forensic agencies and law enforcement departments use several digital forensic toolkits, both commercial and open-source, to examine digital evidence. The proposed research survey focuses on identifying the current state-of-the-art digital forensics concepts in existing research, sheds light on research gaps, presents a detailed introduction of different computer forensic domains and forensic toolkits used for computer forensics in the current era. The proposed survey also presents a comparative analysis based on the tool's characteristics to facilitate investigators in tool selection during the forensics process. Finally, the proposed survey identifies and derives current challenges and future research directions in computer forensics.

show abstract

Improving Forensic Triage Efficiency through Cyber Threat Intelligence

Cited by 15 publications

References 21 publications

Security Challenges and Cyber Forensic Ecosystem in IoT Driven BYOD Environment

Security Challenges and Cyber Forensic Ecosystem in IoT Driven BYOD Environment

Study on Inside Threats Based on Analytic Hierarchy Process

A Comprehensive Survey on Computer Forensics: State-of-the-Art, Tools, Techniques, Challenges, and Future Directions

Contact Info

Product

Resources

About