Material type | E-Book |
---|---|
Personal author | Maleh, Yassine, 1987-, editor. Alazab, Mamoun, 1980-, editor. Tawalbeh, Lo'ai, editor. Romdhani, Imed, editor. |
Title / statement of responsibility | Big data analytics and intelligent systems for cyber threat intelligence / editors, Yassine Maleh, Mamoun Alazab, Loai Tawalbeh, Imed Romdhani. |
Physical description | 1 online resource. |
Series | River Publishers series in digital security and forensics |
Holdings note | Added to collection customer.56279.3 |
ISBN | 9788770227773 8770227772 9781000846713 1000846717 9781003373384 1003373380 9781000846690 1000846695 |
Other standard identifier | 10.1201/9781003373384 (doi) |
Contents | Preface xiii List of Figures xv List of Tables xix List of Contributors xxiii List of Abbreviations xxvii Introduction 1 1 Cyber Threat Intelligence Model: An Evaluation of Taxonomies and Sharing Platforms 3 1.1 Introduction 4 1.2 Related Work 5 1.2.1 Limitations of Existing Techniques 9 1.3 Evaluation Criteria 9 1.3.1 Deployment Setup 10 1.3.1.1 Hardware configurations 10 1.3.1.2 Operating system 10 1.4 Taxonomy of Information Security Data Sources 12 1.4.1 Classification Taxonomy 13 1.4.2 Source Type 13 1.4.3 Information Type 13 1.4.4 Integrability 14 1.5 Trust and Anonymity in Threat Intelligence Platforms 20 1.6 Time (Speed) in Threat Intelligence Platforms (TAXII) 22 1.7 Receiving Time in Threat Intelligence Platforms (TAXII) 26 1.8 Conclusion 29 References 29 2 Evaluation of Open-source Web Application Firewalls for Cyber Threat Intelligence 35 2.1 Introduction 36 2.2 Open-source Web Application Firewalls 38 2.2.1 ModSecurity 38 2.2.2 AQTRONIX Webknight 39 2.3 Research Methodology 40 2.3.1 Implementation of ModSecurity and AQTRONIX Webknight 40 2.3.2 Dataset Description 41 2.3.2.1 Payload All The Thing 41 2.3.3 Experiment Environment 42 2.3.4 Evaluation Metrics 43 2.4 Results and Discussion 43 2.4.1 Results 43 2.4.2 Discussion 45 2.5 Recommendations 46 2.6 Conclusion 46 References 47 3 Comprehensive Survey of Location Privacy and Proposed Effective Approach to Protecting the Privacy of LBS Users 49 3.1 Introduction 49 3.2 Models of Privacy Attack 51 3.2.1 Continuous Location Attack 51 3.2.1.1 Query tracking attack 51 3.2.1.2 Attacks of trajectory 51 3.2.1.3 Identity correspondence 51 3.2.1.4 Location tracking attack 52 3.2.1.5 Attack of maximum movement 52 3.2.2 Context Linking Attack 53 3.2.2.1 Attack of personal context linking 55 3.2.2.2 Attack of observation 53 3.2.2.3 Attack of probability distribution 53 3.3 Mechanisms of Privacy Protection 53 3.3.1 Cloaking 54 3.3.2 Cryptography 54 3.3.3 Obfuscation 54 3.3.4 Dummies 55 3.3.5 Mix-zones 55 3.4 Comparison between Privacy Protection Mechanisms 56 3.5 Types of Environment 57 3.6 Principles of Our Contributions 58 3.7 Our Contribution in Euclidean Space ES 59 3.7.1 Method of Selection of Hiding Candidate Set in ES 60 3.7.2 Method of Creating Qualified Hiding Region 61 3.7.3 Operation of Our Approach 61 3.7.4 Hiding Principle of Our Approach 62 3.7.5 Generate Dummies (Dummy Queries) 63 3.8 Experimentation 64 3.9 Comparison with Related Works 65 3.10 Conclusion 67 References 67 4 Analysis of Encrypted Network Traffic using Machine Learning Models 71 4.1 Introduction 72 4.2 Literature Review 73 4.3 Background 74 4.3.1 Supervised Learning 74 4.3.1.1 AdaBoost 74 4.3.1.2 Random forest 75 4.3.2 Unsupervised Learning 75 4.3.2.1 K-Means clustering 75 4.3.3 Semi-Supervised Learning 75 4.3.3.1 Label propagation 75 4.4 Experimental Analysis 76 4.4.1 Dataset 76 4.4.2 Feature Analysis 76 4.4.3 Pre-Processing 78 4.4.4 Model Results 78 4.4.4.1 K-Means clustering 79 4.4.4.2 Metrics 80 4.4.4.3 AdaBoost 80 4.4.4.4 Random forest 80 4.4.4.5 Semi-Supervised label propagation 81 4.5 Discussion and Future Work 83 4.6 Conclusion 84 References 85 5 Comparative Analysis of Android Application Dissection and Analysis Tools for Identifying Malware Attributes 87 5.1 Introduction 88 5.2 Related Works and Present Contributions 88 5.3 Background and Basic Concepts of Android Ecosystem 89 5.3.1 Android Operating System Architecture 89 5.3.2 Android Application Fundamentals 91 5.4 Android Application Malware Attributes and its Dissection Process 92 5.4.1 Android Application Malware Attributes 92 5.4.2 Android Application Malware Dissection 94 5.5 Android Application Dissection and Malware Analysis Tools 96 5.6 Conclusion and Future Work 100 References 101 6 Classifying Android PendingIntent Security using Machine Learning Algorithms 105 6.1 Introduction 106 6.2 Threat Model 106 6.2.1 Observations 108 6.2.2 Our Contributions 109 6.3 Data Collection and Pre-processing 109 6.3.1 Dataset Discussion 109 6.3.2 Dataset 113 6.3.3 Random Oversampling and Outlier Pre-processing 113 6.3.4 Correlation Calculation 114 6.4 Identification of Best Machine Learning Model 117 6.4.1 Confusion Matrix 117 6.4.2 Accuracy 117 6.4.3 Precision 118 6.4.4 Recall 118 6.4.5 F1Score 118 6.4.6 AUC-ROC 118 6.5 Discussion 119 6.6 Related Work 122 6.6.1 Limitations and Future Work 123 6.7 Conclusion 123 References 123 7 Machine Learning and Blockchain Integration for Security Applications 129 7.1 Introduction 130 7.2 Methodology 131 7.3 Background 132 7.4 Blockchain Technology 134 7.4.1 Introduction to Blockchain Technology 134 7.4.2 Applications of Blockchain Technology 136 7.4.2.1 Software-defined network (SDN) specific solutions 137 7.4.2.2 Internet-specific solutions 138 7.4.2.3 IoT-specific solutions 139 7.4.2.4 Cloud storage solutions 139 7.4.3 Smart Contracts 140 7.4.3.1 Blockchain-based smart contracts 140 7.4.3.2 Applications 141 7.4.3.2.1 Internet of Things 141 7.4.3.2.2 Distributed system security 141 7.4.3.3 Finance 142 7.4.3.4 Data Privacy and Reliability 142 7.4.4 Shortcomings of Blockchain Solutions in Cybersecurity 142 7.5 Machine Learning Techniques 144 7.5.1 Introduction 144 7.5.2 Applications in Cybersecurity 144 7.5.2.1 Intrusion detection systems 145 7.5.2.2 Spam detection 146 7.5.2.3 Malware detection 146 7.5.2.4 Phishing detection 147 7.5.3 Shortcomings 147 7.6 Integration of Machine Learning Blockchain Technology 147 7.6.1 Blockchain to Improve Machine Learning 148 7.6.2 Machine Learning to Improve Blockchain Solutions 152 7.6.2.1 Machine learning applications in smart contracts 158 7.7 Future Work 159 7.8 Conclusion 161 References 162 8 Cyberthreat Real-time Detection Based on an Intelligent Hybrid Network Intrusion Detection System 175 8.1 Introduction 176 8.2 Related Works 178 8.3 The Proposed Approach 179 8.3.1 Overview of the Overall Architecture of the Previously Proposed System 179 8.3.2 System Components and Its Operating Principle 181 8.3.3 Limitations and Points of Improvement of the Old NIDS Model 182 8.3.4 The Proposed Model Architecture 183 8.3.5 Components of the Proposed New Model 184 8.3.6 Operating Principle of the Proposed New Model 184 8.4 Experimentation and Results 186 8.4.1 Modeling the Network Baseline 186 8.4.2 Training Dataset – CICIDS2017 188 8.4.3 Classification with the Decision Tree Algorithm 189 8.4.4 Discussion 191 8.5 Conclusion 191 References 192 9 Intelligent Malware Detection and Classification using Boosted Tree Learning Paradigm 195 9.1 Introduction 196 9.2 Literature Survey 198 9.3 The Proposed Methodology 199 9.3.1 The Rationale for the Choice of Boosting Classifier 199 9.3.2 Overview 200 9.3.3 Classifiers used for Evaluation 200 9.3.3.1 Decision Tree (DT) 200 9.3.3.2 Random Forest (RF) 201 9.3.3.3 Extra Trees Classifier (ET) 201 9.3.3.4 XGBoost 201 9.3.3.5 Stacked Ensembles 201 9.4 Experimental Results 201 9.4.1 Datasets 201 9.4.1.1 Features of ClaMP Malware Dataset 202 9.4.1.2 Features of BIG2015 Malware Dataset 203 9.5 Results and Discussion 205 9.6 Conclusion 208 References 208 10 Malware and Ransomware Classification, Detection, and Prevention using Artificial Intelligence (AI) Techniques 211 10.1 Introduction 212 10.2 Malware And Ransomware 214 10.3 Artificial Intelligence 215 10.4 Related Work 216 10.5 Malware Detection Using AI 220 10.6 Ransomware Detection 223 10.6.1 Methodology 223 10.6.2 Experiments and Result 223 10.7 Conclusion 227 References 228 11 Detecting High-quality GAN-generated Face Images using Neural Networks 235 11.1 Introduction 236 11.1.1 Organization 237 11.2 State of the Art 237 11.3 Cross Co-occurrences Feature Computation 238 11.4 Evaluation Methodology 240 11.4.1 Datasets 240 11.4.2 Network Architecture 242 11.4.3 Resilience Analysis 243 11.5 Experimental Results 244 11.5.1 Experimental Settings 244 11.5.2 Performance and Robustness of the Detector 245 11.5.3 Performance and Robustness of JPEG-Aware Cross-Co-Net 247 11.6 Conclusion and Future Works 250 References 251 12 Fault Tolerance of Network Routers using Machine Learning Techniques 253 12.1 Introduction 254 12.2 Related Work 255 12.2.1 Comparative Analysis of Existing Methodologies 258 12.3 System Architecture 258 12.3.1 Support Vector Machine (SVM) 260 12.3.2 K-Nearest Neighbor (KNN) 262 12.4 Result Analysis 265 12.5 Conclusion 271 References 271 Index 275 About the Editors 277. |
Summary | In recent years, a considerable amount of effort has been devoted to cyber-threat protection of computer systems, which is one of the most critical cybersecurity tasks for single users and businesses, since even a single attack can result in compromised data and sufficient losses. Massive losses and frequent attacks dictate the need for accurate and timely detection methods. Current static and dynamic methods do not provide efficient detection, especially when dealing with zero-day attacks. For this reason, big data analytics and machine intelligence-based techniques can be used. This book brings together researchers in the field of big data analytics and intelligent systems for cyber threat intelligence (CTI) and key data to advance the mission of anticipating, prohibiting, preventing, preparing, and responding to internal security. The wide variety of topics it presents offers readers multiple perspectives on various disciplines related to big data analytics and intelligent systems for cyber threat intelligence applications. Technical topics discussed in the book include: • Big data analytics for cyber threat intelligence and detection • Artificial intelligence analytics techniques • Real-time situational awareness • Machine learning techniques for CTI • Deep learning techniques for CTI • Malware detection and prevention techniques • Intrusion and cybersecurity threat detection and analysis • Blockchain and machine learning techniques for CTI. |
Subject headings | Computer security. Big data. Artificial intelligence. COMPUTERS / Artificial Intelligence. |
Language | English |
Direct access link | https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=3567833 |
No. | Registration no. | Call no. | Location | Status | Due date | Reservation | Service | Media info |
---|---|---|---|---|---|---|---|---|
1 | WE00023620 | 005.8 | Kaya University / e-book server (computer server) / | Available | | | | |