Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
303,980
result(s) for
"threat"
Sort by:
PRIORITI: scoring and categorization-based threat prioritization
The threat alert fatigue or alert overload problem has become critical in recent years. In practice, the volume of threat alerts is higher than the volume of alerts that SOC analysts can investigate. In this paper, we propose “Threat Inspection and Prioritization (PRIORITI),” a threat inspection mechanism that derives threat intelligence from the threat alert for prioritizing investigation. PRIORITI works in three phases, the first phase computes MITRE techniques, which act as a base layer for threat scoring and categorization. The second phase of PRIORITI maps the threat technique to CAPEC attack patterns and derives the scoring metrics. We further propose a novel threat scoring mechanism based on the derived metrics for threat score computation. The third phase of PRIORITI maps each MITRE technique to a single category from Microsoft’s STRIDE framework. Finally, threat score and category are used to prioritize the threat alerts. We evaluated PRIORITI on 7.6 million alerts from the DARPA dataset. It maps these alerts to 21 unique MITRE techniques and computes the threat scores and categories. From the aforementioned results, PRIORITI prioritizes 1.27% (i.e., 96703 out of 7.6 million) of captured alerts as critical by processing an average of 1 million alerts within ≈ 20 s. In addition, PRIORITI provides additional insights to the SOC analysts to investigate the threat alerts, which improves the time taken to respond to threats after detection. Through this effort, PRIORITI improves the productivity of the SOC analysts and provides a significant contribution to handle the “threat alert fatigue.”
Journal Article
The taking : a novel
\"On the morning that marks the end of the world they have known, Molly and Neil Sloan awaken to the drumbeat of rain on their roof. A luminous silvery downpour is drenching their small California mountain town. It has haunted their sleep, invaded their dreams, and now, in the moody purple dawn, the young couple cannot shake the sense of something terribly wrong. As the hours pass, Molly and Neil listen to disturbing news of extreme weather phenomena across the globe...\"--P. [4] of cover.
Book
Measuring and visualizing cyber threat intelligence quality
The very raison d’être of cyber threat intelligence (CTI) is to provide meaningful knowledge about cyber security threats. The exchange and collaborative generation of CTI by the means of sharing platforms has proven to be an important aspect of practical application. It is evident to infer that inaccurate, incomplete, or outdated threat intelligence is a major problem as only high-quality CTI can be helpful to detect and defend against cyber attacks. Additionally, while the amount of available CTI is increasing it is not warranted that quality remains unaffected. In conjunction with the increasing number of available CTI, it is thus in the best interest of every stakeholder to be aware of the quality of a CTI artifact. This allows for informed decisions and permits detailed analyses. Our work makes a twofold contribution to the challenge of assessing threat intelligence quality. We first propose a series of relevant quality dimensions and configure metrics to assess the respective dimensions in the context of CTI. In a second step, we showcase the extension of an existing CTI analysis tool to make the quality assessment transparent to security analysts. Furthermore, analysts’ subjective perceptions are, where necessary, included in the quality assessment concept.
Journal Article
Flooding and environmental challenges for Venice and its lagoon : state of knowledge
Presenting scientific and technical synthesis of interdisciplinary research into the environmental threats to Venice and its lagoon, this text also looks at other cities under threat from rising sea levels, such as London and St. Petersburg.
Book
Cyber threat assessment and management for securing healthcare ecosystems using natural language processing
The healthcare sectors have constantly faced significant challenge due to the rapid rise of cyber threats. These threats can pose any potential risk within the system context and disrupt the critical healthcare service delivery. It is therefore necessary for the healthcare organisations to understand and tackle the threats to ensure overall security and resilience. However, threats are continuously evolved and there is large amount of unstructured security-related textual information is available. This makes the threat assessment and management task very challenging. There are a number of existing works that consider Machine Learning models for detection and prediction of cyber attack but they lack of focus on the Natural Language Processing (NLP) to extract the threat information from unstructured security-related text. To this end, this work proposes a novel method to assess and manage threats by adopting natural language processing. The proposed method has been tailored for the healthcare ecosystem and allows to identify and assess the possible threats within healthcare information infrastructure so that appropriate control and mitigation actions can be taken into consideration to tackle the threat. In detail, NLP techniques are used to extract the useful threat information related to specific assets of the healthcare ecosystems from the largely available security-related information on Internet (e.g. cyber security news), to evaluate the level of the identified threats and to select the required mitigation actions. We have performed experiments on real healthcare ecosystems in Fraunhofer Institute for Biomedical Engineering, considering in particular three different healthcare scenarios, namely implantable medical devices, wearables, and biobank, with the purpose of demonstrating the feasibility of our approach, which is able to provide a realistic manner to identify and assess the threats, evaluate the threat level and suggest the required mitigation actions.
Journal Article
The birthday party
\"Buried deep in rural France, little remains of the isolated hamlet of the Three Lone Girls, save a few houses and a curiously assembled quartet: Patrice Bergogne, inheritor of his family's farm; his wife, Marion; their daughter, Ida; and their neighbor, Christine, an artist. While Patrice plans a surprise for his wife's fortieth birthday, inexplicable events start to disrupt the hamlet's quiet existence: anonymous, menacing letters, an unfamiliar car rolling up the driveway. And as night falls, strangers stalk the houses, unleashing a nightmarish chain of events. Told in rhythmic, propulsive prose that weaves seamlessly from one consciousness to the next over the course of a day, Laurent Mauvignier's The Birthday Party is a deft unraveling of the stories we hide from others and from ourselves, a gripping tale of the violent irruptions of the past into the present, written by a major contemporary French writer.\"-- Provided by publisher.
Book
An overview of implementing security and privacy in federated learning
Federated learning has received a great deal of research attention recently,with privacy protection becoming a key factor in the development of artificial intelligence. Federated learning is a special kind of distributed learning framework, which allows multiple users to participate in model training while ensuring that their privacy is not compromised; however, this paradigm is still vulnerable to security and privacy threats from various attackers. This paper focuses on the security and privacy threats related to federated learning. First, we analyse the current research and development status of federated learning through use of the CiteSpace literature search tool. Next, we describe the basic concepts and threat models, and then analyse the security and privacy vulnerabilities within current federated learning architectures. Finally, the directions of development in this area are further discussed in the context of current advanced defence solutions, for which we provide a summary and comparison.
Journal Article
Cyber Security Threat Modeling for Supply Chain Organizational Environments
Cyber security in a supply chain (SC) provides an organization the secure network facilities to meet its overall business objectives. The integration of technologies has improved business processes, increased production speed, and reduced distribution costs. However, the increased interdependencies among various supply chain stakeholders have brought many challenges including lack of third party audit mechanisms and cascading cyber threats. This has led to attacks such as the manipulation of the design specifications, alterations, and manipulation during distribution. The aim of this paper is to investigate and understand supply chain threats. In particular, the paper contributes towards modeling and analyzing CSC attacks and cyber threat reporting among supply chain stakeholders. We consider concepts such as goal, actor, attack, TTP, and threat actor relevant to the supply chain, threat model, and requirements domain, and modeled the attack using the widely known STIX threat model. The proposed model was analyzed using a running example of a smart grid case study and an algorithm to model the attack. A discrete probability method for calculating the conditional probabilities was used to determine the attack propagation and cascading effects, and the results showed that our approach effectively analyzed the threats. We have recommended a list of CSC controls to improve the overall security of the studied organization.
Journal Article