Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …

A processing device in one embodiment comprises a processor coupled to a memory and is
configured to obtain internal log data of a computer network of an enterprise, to extract …

The execution of malware in an instrumented sandbox is a widespread approach for the
analysis of malicious code, largely because it sidesteps the difficulties involved in the static …

Botnets continue to be a significant problem on the Internet. Accordingly, a great deal of
research has focused on methods for detecting and mitigating the effects of botnets. Two of …

Malware researchers rely on the observation of malicious code in execution to collect
datasets for a wide array of experiments, including generation of detection models, study of …

This paper introduces a causal model inspired by structural equation modeling that explains
cyber risk outcomes in terms of latent factors measured using reflexive indicators. First, we …

Spam-based advertising is a business. While it has engendered both widespread antipathy
and a multi-billion dollar anti-spam industry, it continues to exist because it fuels a profitable …

Blacklists are commonly used to protect computer systems against the tremendous number
of malware threats. These lists include abusive hosts such as malware sites or botnet …

Cybercriminal activity has exploded in the past decade, with diverse threats ranging from
phishing attacks to botnets and drive-by-downloads afflicting millions of computers …

Spam accounts for a large portion of the email exchange on the Internet. In addition to being
a nuisance and a waste of costly resources, spam is used as a delivery mechanism for many …