Darknet Mining And Game Theory For Enhanced Cyber Threat Intelligence

Darknet Mining and Game Theory for Enhanced Cyber Threat Intelligence

Author : John Robertson

Publisher :

Page : 27 pages

File Size : 21,40 MB

Release : 2016

Category :

ISBN :

Get eBook

Book Description

Due to a recent increase in popularity, Darknet hacker marketplaces and forums now provide a rich source of cyber threat intelligence for security analysts. This paper offers background information on Darknet hacker communities and their value to the cybersecurity community before detailing an operational data-collection system that is currently gathering over 300 threat warnings per week, with a precision of around 90% (Nunes 2016). Additionally, we introduce a game theoretic framework designed to leverage the exploit data mined from the Darknet to provide system-specific policy recommendations. For the framework, we provide complexity results, provably near-optimal approximation algorithms, and evaluations on a dataset of real-world exploits.



Darkweb Cyber Threat Intelligence Mining

Author : John Robertson

Publisher : Cambridge University Press

Page : 149 pages

File Size : 50,49 MB

Release : 2017-04-04

Category : Computers

ISBN : 1107185777

Get eBook

Book Description

This book describes techniques and results in cyber threat intelligence from the center of the malicious hacking underworld - the dark web.



Using Computational Intelligence for the Dark Web and Illicit Behavior Detection

Author : Rawat, Romil

Publisher : IGI Global

Page : 336 pages

File Size : 41,97 MB

Release : 2022-05-06

Category : Computers

ISBN : 1668464454

Get eBook

Book Description

The Dark Web is a known hub that hosts myriad illegal activities behind the veil of anonymity for its users. For years now, law enforcement has been struggling to track these illicit activities and put them to an end. However, the depth and anonymity of the Dark Web has made these efforts difficult, and as cyber criminals have more advanced technologies available to them, the struggle appears to only have the potential to worsen. Law enforcement and government organizations also have emerging technologies on their side, however. It is essential for these organizations to stay up to date on these emerging technologies, such as computational intelligence, in order to put a stop to the illicit activities and behaviors presented in the Dark Web. Using Computational Intelligence for the Dark Web and Illicit Behavior Detection presents the emerging technologies and applications of computational intelligence for the law enforcement of the Dark Web. It features analysis into cybercrime data, examples of the application of computational intelligence in the Dark Web, and provides future opportunities for growth in this field. Covering topics such as cyber threat detection, crime prediction, and keyword extraction, this premier reference source is an essential resource for government organizations, law enforcement agencies, non-profit organizations, politicians, computer scientists, researchers, students, and academicians.



Exploring Malicious Hacker Communities

Author : Ericsson Marin

Publisher : Cambridge University Press

Page : 225 pages

File Size : 11,56 MB

Release : 2021-04-29

Category : Computers

ISBN : 1108870082

Get eBook

Book Description

Malicious hackers utilize the World Wide Web to share knowledge. Analyzing the online communication of these threat actors can help reduce the risk of attacks. This book shifts attention from the defender environment to the attacker environment, offering a new security paradigm of 'proactive cyber threat intelligence' that allows defenders of computer networks to gain a better understanding of their adversaries by analyzing assets, capabilities, and interest of malicious hackers. The authors propose models, techniques, and frameworks based on threat intelligence mined from the heart of the underground cyber world: the malicious hacker communities. They provide insights into the hackers themselves and the groups they form dynamically in the act of exchanging ideas and techniques, buying or selling malware, and exploits. The book covers both methodology - a hybridization of machine learning, artificial intelligence, and social network analysis methods - and the resulting conclusions, detailing how a deep understanding of malicious hacker communities can be the key to designing better attack prediction systems.



Game Theory and Machine Learning for Cyber Security

Author : Charles A. Kamhoua

Publisher : John Wiley & Sons

Page : 546 pages

File Size : 10,3 MB

Release : 2021-09-08

Category : Technology & Engineering

ISBN : 1119723949

Get eBook

Book Description

GAME THEORY AND MACHINE LEARNING FOR CYBER SECURITY Move beyond the foundations of machine learning and game theory in cyber security to the latest research in this cutting-edge field In Game Theory and Machine Learning for Cyber Security, a team of expert security researchers delivers a collection of central research contributions from both machine learning and game theory applicable to cybersecurity. The distinguished editors have included resources that address open research questions in game theory and machine learning applied to cyber security systems and examine the strengths and limitations of current game theoretic models for cyber security. Readers will explore the vulnerabilities of traditional machine learning algorithms and how they can be mitigated in an adversarial machine learning approach. The book offers a comprehensive suite of solutions to a broad range of technical issues in applying game theory and machine learning to solve cyber security challenges. Beginning with an introduction to foundational concepts in game theory, machine learning, cyber security, and cyber deception, the editors provide readers with resources that discuss the latest in hypergames, behavioral game theory, adversarial machine learning, generative adversarial networks, and multi-agent reinforcement learning. Readers will also enjoy: A thorough introduction to game theory for cyber deception, including scalable algorithms for identifying stealthy attackers in a game theoretic framework, honeypot allocation over attack graphs, and behavioral games for cyber deception An exploration of game theory for cyber security, including actionable game-theoretic adversarial intervention detection against advanced persistent threats Practical discussions of adversarial machine learning for cyber security, including adversarial machine learning in 5G security and machine learning-driven fault injection in cyber-physical systems In-depth examinations of generative models for cyber security Perfect for researchers, students, and experts in the fields of computer science and engineering, Game Theory and Machine Learning for Cyber Security is also an indispensable resource for industry professionals, military personnel, researchers, faculty, and students with an interest in cyber security.



Ransomware Revolution: The Rise of a Prodigious Cyber Threat

Author : Matthew Ryan

Publisher : Springer Nature

Page : 156 pages

File Size : 33,32 MB

Release : 2021-02-24

Category : Computers

ISBN : 3030665836

Get eBook

Book Description

This book explores the genesis of ransomware and how the parallel emergence of encryption technologies has elevated ransomware to become the most prodigious cyber threat that enterprises are confronting. It also investigates the driving forces behind what has been dubbed the ‘ransomware revolution’ after a series of major attacks beginning in 2013, and how the advent of cryptocurrencies provided the catalyst for the development and increased profitability of ransomware, sparking a phenomenal rise in the number and complexity of ransomware attacks. This book analyzes why the speed of technology adoption has been a fundamental factor in the continued success of financially motivated cybercrime, and how the ease of public access to advanced encryption techniques has allowed malicious actors to continue to operate with increased anonymity across the internet. This anonymity has enabled increased collaboration between attackers, which has aided the development of new ransomware attacks, and led to an increasing level of technical complexity in ransomware attacks. This book highlights that the continuous expansion and early adoption of emerging technologies may be beyond the capacity of conventional risk managers and risk management frameworks. Researchers and advanced level students studying or working in computer science, business or criminology will find this book useful as a reference or secondary text. Professionals working in cybersecurity, cryptography, information technology, financial crime (and other related topics) will also welcome this book as a reference.



Handbook of Research on War Policies, Strategies, and Cyber Wars

Author : Özsungur, Fahri

Publisher : IGI Global

Page : 490 pages

File Size : 31,6 MB

Release : 2023-05-05

Category : Technology & Engineering

ISBN : 1668467429

Get eBook

Book Description

In the new world order, conflicts between countries are increasing. Fluctuations in the economy and imbalances in the distribution of scarce resources to developing countries can result in wars. The effect of the recent COVID-19 pandemic and economic crisis has caused changes in the strategies and policies of countries. Technological changes and developments have also triggered cyber wars. Despite this, many countries prefer to fight on the field. The damage to the international economy of wars, which kills civilians and causes serious damage to developing countries, is a current issue. The Handbook of Research on War Policies, Strategies, and Cyber Wars examines the factors that lead to war and the damages caused by war strategies and policies. It is a guide for future generations to develop constructive policies and strategies for living in a peaceful world. Covering topics such as geopolitical consequences, civil liberty, and terrorism, this major reference work is a dynamic resource for policymakers, strategists, government officials, politicians, sociologists, students and educators of higher education, librarians, researchers, and academicians.



Guide to Vulnerability Analysis for Computer Networks and Systems

Author : Simon Parkinson

Publisher : Springer

Page : 381 pages

File Size : 38,93 MB

Release : 2018-09-04

Category : Computers

ISBN : 3319926241

Get eBook

Book Description

This professional guide and reference examines the challenges of assessing security vulnerabilities in computing infrastructure. Various aspects of vulnerability assessment are covered in detail, including recent advancements in reducing the requirement for expert knowledge through novel applications of artificial intelligence. The work also offers a series of case studies on how to develop and perform vulnerability assessment techniques using start-of-the-art intelligent mechanisms. Topics and features: provides tutorial activities and thought-provoking questions in each chapter, together with numerous case studies; introduces the fundamentals of vulnerability assessment, and reviews the state of the art of research in this area; discusses vulnerability assessment frameworks, including frameworks for industrial control and cloud systems; examines a range of applications that make use of artificial intelligence to enhance the vulnerability assessment processes; presents visualisation techniques that can be used to assist the vulnerability assessment process. In addition to serving the needs of security practitioners and researchers, this accessible volume is also ideal for students and instructors seeking a primer on artificial intelligence for vulnerability assessment, or a supplementary text for courses on computer security, networking, and artificial intelligence.



Darkweb Cyber Threat Intelligence Mining

Author : John Robertson

Publisher : Cambridge University Press

Page : 149 pages

File Size : 26,99 MB

Release : 2017-04-04

Category : Computers

ISBN : 1316949311

Get eBook

Book Description

The important and rapidly emerging new field known as 'cyber threat intelligence' explores the paradigm that defenders of computer networks gain a better understanding of their adversaries by understanding what assets they have available for an attack. In this book, a team of experts examines a new type of cyber threat intelligence from the heart of the malicious hacking underworld - the dark web. These highly secure sites have allowed anonymous communities of malicious hackers to exchange ideas and techniques, and to buy/sell malware and exploits. Aimed at both cybersecurity practitioners and researchers, this book represents a first step toward a better understanding of malicious hacking communities on the dark web and what to do about them. The authors examine real-world darkweb data through a combination of human and automated techniques to gain insight into these communities, describing both methodology and results.



Darknet as a Source of Cyber Threat Intelligence

Author : Claude Fachkha

Publisher :

Page : 222 pages

File Size : 10,91 MB

Release : 2016

Category :

ISBN :

Get eBook

Book Description

Cyberspace has become a massive battlefield between computer criminals and computer security experts. In addition, large-scale cyber attacks have enormously matured and became capable to generate, in a prompt manner, significant interruptions and damage to Internet resources and infrastructure. Denial of Service (DoS) attacks are perhaps the most prominent and severe types of such large-scale cyber attacks. Furthermore, the existence of widely available encryption and anonymity techniques greatly increases the difficulty of the surveillance and investigation of cyber attacks. In this context, the availability of relevant cyber monitoring is of paramount importance. An effective approach to gather DoS cyber intelligence is to collect and analyze traffic destined to allocated, routable, yet unused Internet address space known as darknet. In this thesis, we leverage big darknet data to generate insights on various DoS events, namely, Distributed DoS (DDoS) and Distributed Reflection DoS (DRDoS) activities. First, we present a comprehensive survey of darknet. We primarily define and characterize darknet and indicate its alternative names. We further list other trap-based monitoring systems and compare them to darknet. In addition, we provide a taxonomy in relation to darknet technologies and identify research gaps that are related to three main darknet categories: deployment, traffic analysis, and visualization. Second, we characterize darknet data. Such information could generate indicators of cyber threat activity as well as provide in-depth understanding of the nature of its traffic. Particularly, we analyze darknet packets distribution, its used transport, network and application layer protocols and pinpoint its resolved domain names. Furthermore, we identify its IP classes and destination ports as well as geo-locate its source countries. We further investigate darknet-triggered threats. The aim is to explore darknet inferred threats and categorize their severities. Finally, we contribute by exploring the inter-correlation of such threats, by applying association rule mining techniques, to build threat association rules. Specifically, we generate clusters of threats that co-occur targeting a specific victim. Third, we propose a DDoS inference and forecasting model that aims at providing insights to organizations, security operators and emergency response teams during and after a DDoS attack. Specifically, this work strives to predict, within minutes, the attacks’ features, namely, intensity/rate (packets/sec) and size (estimated number of compromised machines/bots). The goal is to understand the future short-term trend of the ongoing DDoS attacks in terms of those features and thus provide the capability to recognize the current as well as future similar situations and hence appropriately respond to the threat. Further, our work aims at investigating DDoS campaigns by proposing a clustering approach to infer various victims targeted by the same campaign and predicting related features. To achieve our goal, our proposed approach leverages a number of time series and fluctuation analysis techniques, statistical methods and forecasting approaches. Fourth, we propose a novel approach to infer and characterize Internet-scale DRDoS attacks by leveraging the darknet space. Complementary to the pioneer work on inferring DDoS activities using darknet, this work shows that we can extract DoS activities without relying on backscattered analysis. The aim of this work is to extract cyber security intelligence related to DRDoS activities such as intensity, rate and geographic location in addition to various network-layer and flow-based insights. To achieve this task, the proposed approach exploits certain DDoS parameters to detect the attacks and the expectation maximization and k-means clustering techniques in an attempt to identify campaigns of DRDoS attacks. Finally, we conclude this work by providing some discussions and pinpointing some future work.