Mihailescu et al., 2023 - Google Patents
Unveiling Threats: Leveraging User Behavior Analysis for Enhanced CybersecurityMihailescu et al., 2023
- Document ID
- 17104333461196305436
- Author
- Mihailescu M
- Nita S
- Rogobete M
- Marascu V
- Publication year
- Publication venue
- 2023 15th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)
External Links
Snippet
The rapid evolution of cyber threats has made it imperative for organizations to develop robust cybersecurity strategies. While traditional defense mechanisms focus on network and system-level protection, recent research has highlighted the critical role of understanding …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11785040B2 (en) | Systems and methods for cyber security alert triage | |
| Awotunde et al. | Intrusion Detection in Industrial Internet of Things Network‐Based on Deep Learning Model with Rule‐Based Feature Selection | |
| Sharma et al. | User behavior analytics for anomaly detection using LSTM autoencoder-insider threat detection | |
| US10686829B2 (en) | Identifying changes in use of user credentials | |
| US11218510B2 (en) | Advanced cybersecurity threat mitigation using software supply chain analysis | |
| Nasir et al. | Behavioral based insider threat detection using deep learning | |
| Lu et al. | Insider threat detection with long short-term memory | |
| Koike et al. | Federated Learning-Based Ransomware Detection via Indicators of Compromise | |
| US20230362200A1 (en) | Dynamic cybersecurity scoring and operational risk reduction assessment | |
| CN111431915A (en) | Lateral movement detection | |
| EP3161656A1 (en) | Probabilistic model for cyber risk forecasting | |
| Alsowail et al. | Empirical detection techniques of insider threat incidents | |
| Kim et al. | SoK: A Systematic Review of Insider Threat Detection. | |
| CN113162794B (en) | Next attack event prediction method and related equipment | |
| CN112637108B (en) | Internal threat analysis method and system based on anomaly detection and emotion analysis | |
| Sarkar et al. | Mining user interaction patterns in the darkweb to predict enterprise cyber incidents | |
| Lambert II | Security analytics: Using deep learning to detect cyber attacks | |
| Mihailescu et al. | Unveiling Threats: Leveraging User Behavior Analysis for Enhanced Cybersecurity | |
| CN118101250A (en) | Network security detection method and system | |
| Anand et al. | HiPeR-Early detection of a ransomware attack using hardware performance counters | |
| Abdullah et al. | Designing Predictive Models for Cybercrime Investigation in Iraq | |
| Roy et al. | GraphCH: A Deep Framework for Assessing Cyber-Human Aspects in Insider Threat Detection | |
| Wei et al. | Age: authentication graph embedding for detecting anomalous login activities | |
| Kuehn et al. | The Notion of Relevance in Cybersecurity: A Categorization of Security Tools and Deduction of Relevance Notions | |
| Prabu et al. | An Automated Intrusion Detection and Prevention Model for Enhanced Network Security and Threat Assessment |