Kim et al., 2014 - Google Patents
Involvers' behavior-based modeling in cyber targeted attackKim et al., 2014
View PDF- Document ID
- 3402417725900545698
- Author
- Kim Y
- Kim I
- Publication year
- Publication venue
- Proceedings of SECURWARE
External Links
Snippet
Cyber targeted attack has sophisticated techniques using malwares to exploit vulnerabilities in systems and an external command and control is continuously monitoring and extracting data off a specific target. Since this attacking process is working continuously and uses …
- 230000006399 behavior 0 abstract description 25
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9055093B2 (en) | Method, system and computer program product for detecting at least one of security threats and undesirable computer files | |
| CA2966408C (en) | A system and method for network intrusion detection of covert channels based on off-line network traffic | |
| Saleem et al. | Sok: Anatomy of data breaches | |
| CN113660224B (en) | Situation awareness defense method, device and system based on network vulnerability scanning | |
| Kyaw et al. | Dictionary attack on Wordpress: Security and forensic analysis | |
| Akiyama et al. | HoneyCirculator: distributing credential honeytoken for introspection of web-based attack cycle | |
| Mozumder et al. | Cloud computing security breaches and threats analysis | |
| CN108768989A (en) | It is a kind of using the APT attack defense methods of mimicry technology, system | |
| Rasheed et al. | Threat hunting using grr rapid response | |
| CN112165488A (en) | Risk assessment method, device and equipment and readable storage medium | |
| CN110868403B (en) | Method and equipment for identifying advanced persistent Attack (APT) | |
| Al-Mohannadi et al. | Analysis of adversary activities using cloud-based web services to enhance cyber threat intelligence | |
| Deng et al. | Lexical analysis for the webshell attacks | |
| Kardile | Crypto ransomware analysis and detection using process monitor | |
| Kim et al. | Involvers’ behavior-based modeling in cyber targeted attack | |
| Farinholt et al. | Dark matter: uncovering the DarkComet RAT ecosystem | |
| Bilar | Quantitative risk analysis of computer networks | |
| Alosefer | Analysing web-based malware behaviour through client honeypots | |
| Wilson et al. | Mitigating data exfiltration in storage-as-a-service clouds | |
| Irwin | Double-edged sword: dual-purpose cyber security methods | |
| Guelzim et al. | Formal methods of attack modeling and detection | |
| Amarantidou | Computer and Network Forensics: investigating network traffic | |
| Das | Generative AI and Digital Forensics | |
| Hovmark et al. | Towards Extending Probabilistic Attack Graphs with Forensic Evidence: An investigation of property list files in macOS | |
| Lundquist Amir et al. | Web Penetration testing: Finding and evaluating vulnerabilities in a web page based on C#,. NET and Episerver |