A comparative study on cyber threat intelligence: The security incident response perspective
Cyber Threat Intelligence (CTI) is threat information intended for security purposes.
However, use for incident response demands standardization. This study examines the …
Realtime robust malicious traffic detection via frequency domain analysis
Machine learning (ML) based malicious traffic detection is an emerging security paradigm,
particularly for zero-day attack detection, which is complementary to existing rule based …
PhishTime: Continuous longitudinal measurement of the effectiveness of anti-phishing blacklists
Due to their ubiquity in modern web browsers, anti-phishing blacklists are a key defense
against large-scale phishing attacks. However, sophistication in phishing websites—such as …
AttacKG: Constructing technique knowledge graph from cyber threat intelligence reports
Cyber attacks are becoming more sophisticated and diverse, making attack detection
increasingly challenging. To combat these attacks, security practitioners actively summarize …
TIMiner: Automatically extracting and analyzing categorized cyber threat intelligence from social data
Security organizations increasingly rely on Cyber Threat Intelligence (CTI) sharing to
enhance resilience against cyber threats. However, its effectiveness remains dubious due to …
A different cup of TI? The added value of commercial threat intelligence
X Bouwman, H Griffioen, J Egbers, C Doerr… - 29th USENIX security …, 2020 - usenix.org
Commercial threat intelligence is thought to provide unmatched coverage on attacker
behavior, but it is out of reach for many organizations due to its hefty price tag. This paper …
An analysis of phishing blacklists: Google safe browsing, openphish, and phishtank
S Bell, P Komisarczuk - … of the Australasian Computer Science Week …, 2020 - dl.acm.org
Blacklists play a vital role in protecting internet users against phishing attacks. The
effectiveness of blacklists depends on their size, scope, update speed and frequency, and …
A first look at the crypto-mining malware ecosystem: A decade of unrestricted wealth
S Pastrana, G Suarez-Tangil - Proceedings of the Internet Measurement …, 2019 - dl.acm.org
Illicit crypto-mining leverages resources stolen from victims to mine cryptocurrencies on
behalf of criminals. While recent works have analyzed one side of this threat, i.e., web …
Sharing machine learning models as indicators of compromise for cyber threat intelligence
D Preuveneers, W Joosen - Journal of Cybersecurity and Privacy, 2021 - mdpi.com
Cyber threat intelligence (CTI) sharing is the collaborative effort of sharing information about
cyber attacks to help organizations gain a better understanding of threats and proactively …
Threat intelligence quality dimensions for research and practice
A Zibak, C Sauerwein, AC Simpson - Digital Threats: Research and …, 2022 - dl.acm.org
As the adoption and diversity of threat intelligence solutions continue to grow, questions
about their effectiveness, particularly in regards to the quality of the data they provide …