Search Results

Most applications will exhibit vulnerabilities that impact their availability, integrity, or confidentiality during their life cycle. Nevertheless, the leading cause for such vulnerabilities is not the application itself but its dependencies. Continuous ...

This article addresses the significant threat posed by rootkits as part of the diverse malware landscape of today. Rootkits enable an attacker to regain access to an already comprised system at root-level making their prompt identification and removal ...

Security Information and Event Management (SIEM) systems play a crucial role in modern cybersecurity by aggregating, correlating, and analyzing vast amounts of security data. As cyber threats continue to evolve, the demand for Next-Generation SIEMs (NG-...

In an era of escalating cyber threats, the imperative for robust and comprehensive cybersecurity measures has never been more pressing. To address this challenge, SYNAPSE presents a pioneering approach by conceptualising, designing, and delivering an ...

The methods of cyberattacks are diversifying year by year, making it difficult to detect attacks.

At our university, we use IDS/IPS to detect attacks from the outside and suspicious communications from the inside to the outside. In addition, we used a ...

When a cyber incident occurs, organizations need to identify the attack's impacts. They have to investigate potentially infected devices as well as certainly infected devices. However, as an organization's network expands, it is difficult to investigate ...

Determining the correct contact person for a particular system or organization is challenging in today’s Internet architecture. However, there are various stakeholders who will need to have such information, such as national security teams, security ...

As malware continues to evolve, deep learning models are increasingly used for malware detection and classification, including image-based classification. However, adversarial attacks can be used to perturb images so as to evade detection by these ...

• Cyber.SCuris integrating cybersecurity methodology and technological artifacts.
• Integration of Healthcare Security Monitoring System functions.
• Use case of health information system university medical center.
• Cybersecurity ...

The recent increase in cybersecurity threats and cyberattacks impact organizations at various levels, including business-critical processes, and compromises business continuation and organizations survival. The cybersecurity of the healthcare ...

Incident handling, a fundamental activity of a cybersecurity incident response team, is a complex discipline that consumes a significant amount of personnel’s time and costs. There are continuous efforts to facilitate incident handling and response in ...

Inevitably, all systems are vulnerable, and none are impervious to attack. Incident response is an important element in maintaining the cyber security posture of organizations. Incident response practitioners often rely on process descriptions in the ...

As more and more security tools provide organizations with cybersecurity capabilities, security analysts are overwhelmed by security events. Resolving these events is challenging due to extensive manual processes, limited financial resources, and human ...

Recent industrial reports show an increased number of cybersecurity incidents, which inflict significant financial losses. Although organisations have been increasing their investments towards information security, incidents continue ...

• Linear IR models are inefficient in responding to the changing threat landscapes.

The rapid development of cross-border e-commerce over the past decade has accelerated the integration of the global economy. At the same time, cross-border e-commerce has increased the prevalence of cybercrime, and the future success of e-commerce ...

In this paper, we describe a system for the continuous collection of data for the needs of network security management. When a cybersecurity incident occurs in the network, the contextual information on the involved assets facilitates estimating the ...

Cyberattacks on the critical infrastructure is a growing concern for businesses, national authorities and public in general. The increasing complexity and connectivity of the critical infrastructure systems have made them susceptible to cyberattacks. ...

Digital forensics are becoming increasingly important for the investigation of computer-related crimes, white-collar crimes and massive hacker attacks. After an incident has been detected an appropriate incident response is usually initiated with the ...

This article discusses the design and specifications of a Socio-Technical Security Information and Event Management System ST-SIEM. This newly-developed artifact addresses an important limitation identified in today incident response practice-the lack ...

Community clouds provide efficient and secure environments for organizations with similar organization structures or business models to host their systems. Since threat analysis and incident response infrastructure and resources can be rapidly shared on ...

The landscape for Incident Response (IR), Disaster Recovery (DR), and Business Continuity Planning (BCP) for social media is changing and growing as the growth of social media itself is just now reaching puberty. An examination of responses by companies ...