Proactive cyber-risk assessment is gaining momentum due to the wide range of sectors that can benefit from the prevention of cyber-incidents by preserving integrity, confidentiality, and the availability of data. The rising attention to ...

• We propose a flexible statistical approach to handle uncertainty in cyber-risk.
• Robust mid-quantile regression is applied to predict cyber-vulnerabilities impact.
• A novel accuracy index is introduced to take into account unknown ...

Open-source threat intelligence is often unstructured and cannot be directly applied to the next detection and defense. By constructing a knowledge graph through open-source threat intelligence, we can better apply this information to intrusion ...

Web applications have become central in the digital landscape, providing users instant access to information and allowing businesses to expand their reach. Injection attacks, such as SQL injection (SQLi), are prominent attacks on web applications,...

The dark web has become notorious for its association with illicit activities and there is a growing need for systems to automate the monitoring of this space. This paper proposes an end-to-end scalable architecture for the continuous early ...

• Developed an Open Source Big Data architecture for analyzing Tor onion services.
• Used near real-time ingestion to extract onion addresses from four types of sources.
• Deployed a daily batch pipeline to preprocess, deduplicate and ...

The extraction of relational triplets in threat intelligence is a critical aspect of constructing a knowledge graph. However, the field encounters challenges like high semantic similarity among entities, limited relevance of entities, and a heavy ...

The escalating complexity and impact of cyber threats require organisations to rehearse responses to cyber-attacks by routinely conducting cyber security exercises. However, the effectiveness of these exercises is limited by the exercise planners’ ...

The daily deluge of alerts is a sombre reality for Security Operations Centre (SOC) personnel worldwide. Those on the front-lines of cybersecurity face the unenviable task of prioritising threats amongst a flood of URLs found within malicious ...

Automated attacks allow adversaries to exploit vulnerabilities in enterprise IT systems at short notice. To identify such attacks as well as new cybersecurity threats, defenders use honeypot systems; these monitored decoy resources mimic ...

Nowadays, new-generation threats often use multiple means or perform several steps to intrude into networks and ultimately reach their objective. These new threats have multi-staged, and we can understand their intrusion pattern from ...

Cyber-attacks, with various emerging attack techniques, are becoming increasingly sophisticated and difficult to deal with, posing great threats to companies and every individual. Therefore, analyzing attack incidents and tracing the attack ...

Cyber Threat Intelligence(CTI) plays an indispensable role in providing evidence-based knowledge to plan defensive strategies against advanced cyber attacks. Most threat intelligence data originate from security researchers, vendor blogs, list of ...

Threat intelligence is the process of collecting and analyzing information about potential cyber threats. Several approaches have been conducted for cyber threat detection based on the federated learning method. These approaches aim to establish a ...

Dark web is an obscured part of the Internet, specifically used for sharing exploits, data breaches, and other means of cybercrime. Dark web forums provide opportunities to share such data and exploits and assign user reputation and ...

We propose APTHunter, a system for prompt detection of Advanced and Persistent Threats (APTs) in early stages. We provide an approach for representing the indicators of compromise that appear in the cyber threat intelligence reports and the relationships ...

With the boom in Internet and information technology, cyber-attacks are becoming more frequent and sophisticated, especially Advanced Persistent Threat (APT) attacks. Unlike traditional attacks, APT attacks are more targeted, stealthy, ...

Display Omitted

• The first review paper on intelligent threat profiling of Advanced Persistent Threat.

The importance of large data analytic systems for cyber security is expanding. Thus, collecting systematically, thoroughly assessing, and synthesizing the literature on architectural techniques for developing such systems is critical. There is a ...

Cyber security risk management plays an important role for today’s businesses due to the rapidly changing threat landscape and the existence of evolving sophisticated cyber attacks. It is necessary for organisations, of any size, but in particular ...

Spear phishing is a complex targeted attack which has rapidly increased in recent years. The traditional email features based on the sender’s behavior portrait cannot accurately characterize the spear phishing email, and the detection is often ...$$$$$$$$$$$$$$$$

The digital evolution of Industry 4.0 enabled Operational Technology infrastructures to operate and remotely maintain cyber-physical systems bridging over IP communications. It has also expanded new attack surfaces and steadily increased the ...