Sec-Buzzer: cyber security emerging topic mining with open threat intelligence retrieval and timeline event annotation

Lee, Kuo-Chan; Hsieh, Cheng-Yu; Wei, Liping; Mao, Ching-Hao; Dai, Jyun-Han; Kuang, Yu-Ting

doi:10.1007/s00500-016-2265-0

Cited by 35 publications

(22 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…traffic [4], unpredicted addresses of packets [5], attributes of requests to databases (DB) [6,7], etc. These articles do not take into account the possibility of parallel formation of reference deviations for the features of anomalies and cyber attacks, which increases the time of RO analysis in ASR (or ISDA) [8].…”

Section: Development Of a System For The Detection Of Cyber Attacks Bmentioning

confidence: 99%

“…We accepted that ct a and ct b are the reference vectors of RO classes, in particular, by the KDD Cup 1999 Data [2,5,7].…”

Section: The Aim and Tasks Of Researchmentioning

confidence: 99%

“…We developed the algorithm that allows us to perform parallel formation of reference tolerances during an analysis of attributes of anomalies and cyber attacks, which are difficult to explain [1,7,16,18]. This approach, when a parallel formation of VAD -({ca K,i }) is performed, makes it possible to change VAD for all attributes at every step of learning simultaneously.…”

Section: Continuation Of Tablementioning

confidence: 99%

See 2 more Smart Citations

Development of a system for the detection of cyber attacks based on the clustering and formation of reference deviations of attributes

Lakhno

Malyukov

Domrachev

et al. 2017

EEJET

View full text Add to dashboard Cite

Section: Development Of a System For The Detection Of Cyber Attacks Bmentioning

confidence: 99%

“…We accepted that ct a and ct b are the reference vectors of RO classes, in particular, by the KDD Cup 1999 Data [2,5,7].…”

Section: The Aim and Tasks Of Researchmentioning

confidence: 99%

Section: Continuation Of Tablementioning

confidence: 99%

See 1 more Smart Citation

Development of a system for the detection of cyber attacks based on the clustering and formation of reference deviations of attributes

Lakhno

Malyukov

Domrachev

et al. 2017

EEJET

View full text Add to dashboard Cite

“…One such work was done by Lee et al with the aim of grouping a set of experts who have highly contributed in the cyber security domain on Twitter and RSS blogs [9]. Their primary research concern was to detect emerging topics on cyber security with the help of automatically uncovering diverse experts as new information providers.…”

Section: Introductionmentioning

confidence: 99%

Automatic Detection of Cyber Security Related Accounts on Online Social Networks

Aslan

Sağlam

2018

Proceedings of the 9th International Conference on Social Media and Society

View full text Add to dashboard Cite

Recent studies have revealed that cyber criminals tend to exchange knowledge about cyber attacks in online social networks (OSNs). Cyber security experts are another set of information providers on OSNs who frequently share information about cyber security incidents and their personal opinions and analyses. Therefore, in order to improve our knowledge about evolving cyber attacks and the underlying human behavior for diferent purposes (e.g., crime investigation, understanding career development and business models of cyber criminals and cyber security professionals, prediction and prevention of impeding cyber attacks), it will be very useful to detect cyber security related accounts on OSNs automatically, and monitor their activities. This paper reports our preliminary work on automatic detection of cyber security related accounts on OSNs using Twitter as an example, which may allow us to discover unknown cyber security experts and cyber criminals for monitoring purposes. Three machine learning based classiication algorithms were applied and compared: decision trees, random forests, and SVM (support vector machines). Experimental results showed that both decision trees and random forests had performed well with an overall accuracy over 95%, and when random forests were used with behavioral features the accuracy had reached as high as 97.877%.

show abstract

“…An essential shortcoming of articles [15,16] is the lack of architectural realization of DSS for the tasks of OBCP IS, which are difficult to formalize. As recognized by authors [16], the majority of similar DSS and ES have been at the stage of testing so far.…”

Section: Introductionmentioning

confidence: 99%

Designing a decision support system for the weakly formalized problems in the provision of cybersecurity

Akhmetov

Lakhno

Boiko

et al. 2017

EEJET

View full text Add to dashboard Cite

When complex situations of the guaranteed provision of OBCP IS arise, the decision-making process should be performed under condition of active interaction with experts; in this case, such an operation proves to be rather labor consuming without computer technologies. Even the initial problem of designing the integrated systems for information protection (ISIP) can be attributed to the weakly formalized problems with incomplete information. Similar tasks include the situations, connected with the recognition of prolonged targeted cyberattacks, which are not distinguished by explicit attributes. Therefore, the subject of the study that addresses the development of models and software (SW) of DSS in the weakly structured and difficult-to-formalize tasks in the provision of OBCP IS appears relevant. Literature review and problem statementAn increase in the number of cyberattacks on MCCS in recent years has generated interest towards the development IntroductionIn connection with the growing number of complex targeted cyberattacks directed at the mission critical computer systems (MCCS), one of the vital problems of society is the information security (IS) and its component -cybersecurity (CS). When conducting targeted attacks, cybercriminals frequently are used unique harmful programs and methods of penetrating the MCCS (objects of cyberprotection -OBCP). Resisting a constant increase in the complexity of illegitimate actions on MCCS is possible, in particular, using the systems for the intelligent recognition of cyberattacks (SIRCA), equipped with the modules for decision support system (DSS). The architecture of the latter implies, as a rule, a system for intelligent data analysis (SIDA or Data Mining). SIRCA make it possible to reveal regularities in the dynamics of development of the OBCP states, combining the knowledge and experience of decision making by experts, as well as the SIDA computational potential. INFORMATION TECHNOLOGY DESIGNING A DECISION SUPPORT SYSTEM FOR THE WEAKLY FORMALIZED PROBLEMS IN THE PROVISION OF CYBERSECURITY B . A k h m e t o v Y . B o i k oAssociate Professor Department of Information Technology Security* E-mail: julia_boyko2010@ukr.net A . M i s h c h e n k oAssociate Professor Department of Information Security Protection* E-mail: partpravo@i.ua *National Aviation University Kosmonavta Komarova ave., 1, Kyiv, Ukraine, 03058Розроблено систему підтримки при-йняття рішень (СППР) в слабко форма-лізуємих завданнях забезпечення кібер-безпеки. Система базується на моделях опису завдань кіберзахисту в понятійно-му і функціональному аспектах. Описано процес формування бази знань СППР для обставин, пов'язаних з виявленням важко пояснюваних ознак аномалій та атак. Запропонована СППР дозволяє підвищи-ти розуміння ситуації, яка підлягає ана-лізу в процесі кіберзахисту комп'ютерних систем Ключові слова: система підтримки прийняття рішень, кібербезпека, слабо формалізовані завдання, інтерпретація ситуації Разработана система поддержки при-нятия решений (СППР) в слабо формали-зуемых задачах обес...

show abstract

Sec-Buzzer: cyber security emerging topic mining with open threat intelligence retrieval and timeline event annotation

Cited by 35 publications

References 8 publications

Development of a system for the detection of cyber attacks based on the clustering and formation of reference deviations of attributes

Development of a system for the detection of cyber attacks based on the clustering and formation of reference deviations of attributes

Automatic Detection of Cyber Security Related Accounts on Online Social Networks

Designing a decision support system for the weakly formalized problems in the provision of cybersecurity

Contact Info

Product

Resources

About