12 research outputs found
Fuzzy ontology structure for information leaks and ISC
Get PDFThe article proposes a variant of the fuzzy ontology for complex information security systems (CISS) analysis, which focuses on the most common variants scenarios for information leaks and on the peculiarities of information security culture. The analysis of CISS is based on many factors (attacks on the system, etc.), among which can be not only technical flaws . Common mistakes and misunderstandings in identifying security incidents and how to respond to them is also important. Therefore, for the basic protection of the system, it is necessary to identify many factors and the structure, which will identify these factors, scenarios, and the relationship between the security elements for future use will greatly simplify the understanding and construction of the CISS. This structure can be used scenarios for information leaks, taking into consideration information security culture and to further determination of the overall formal assessment of the organization’s security
Basic concepts, approaches and fundamentals of cyber threat intelligence
Get PDFThis article is designed to introduce readers to Cyber Threat Intelligence (CTI). Various Threat Hunting (TH) techniques and sources of information about threats were mentioned. Commercial tools and open source software for cyber threat hunting are also described
Analysis of the core research for vendor email compromise filtering model using machine learning
Get PDFVendor email compromise became one of most sophisticated types of social engineering attacks. Strengths of this malicious activity rely on basis of impersonating vendor that company working with. Thus, it is easy for attacker to exploit this trust for doing different type of data exfiltration or ransom. To mitigate risks, that come with these challenges, information security specialist should consider using different types of approaches, including machine learning, to identify anomalies in email, so further damages can be prevented. The purpose of this work lies in the identification of optimal approach for VEC-style attacks detection and optimizing these approaches with least amount of falsepositive (FP) parameters. The object of this research is different methods of text processing algorithms, including machine learning methods for detecting VEC emails. The subject of research in this paper mainly considers impact of mentioned text processing algorithms and its relation with efficiency of VEC email classification, identifying most effective approach and, also, how to improve results of such detections. Results of this paper consists of details for VEC-email attacks detection, challenges that comes with different approaches and proposed solution, that lies in using text processing techniques and agentrelated approach with main sphere of implication – machine-learning systems, that are used for identifying social-engineering attacks through email
Stochastic Violator Model
Get PDFThis paper introduces a new type of violator model that is based on Markov chains. It can be used as a scenario model AS IS or as a mathematical model with quantitative estimates if additional information is presented. Our aim with this paper was to develop a model that will allow to restore missing data, using existing knowledge about violator. The results show that presented scenario for general cases cover the majority of attacks and can be applied to real-life scenarios too. Summing up the results, it can be concluded that additional improvement of the model should be focused on data gathering to ensure that existing data will be enough to recover the rest
Basic q-analysis of MCQA for Information Security System
No full textArticle explores application methods for systems structural analysis to use in study of security in information systems, which is based on variants of general attack scenarios, features of cybersecurity culture, q-analysis, which is part of MCQA . General security system analysis usually is based on different factors, which include technical means, human-related mistakes in different ways and respond to security incidents. Q-analysis presents the basic principles of constructing model of information security systems elements connectivity on the example of two sets: set of threats and sets of security measures for information security and calculated numerical values. Elements of the two sets of are interconnected and form the basis of a system for ensuring their security. These calculations can be used to further determine overall formal assessment of security of the organization.</jats:p
Fuzzy ontology structure for information leaks and ISC
No full textThe article proposes a variant of the fuzzy ontology for complex information security systems (CISS) analysis, which focuses on the most common variants scenarios for information leaks and on the peculiarities of information security culture. The analysis of CISS is based on many factors (attacks on the system, etc.), among which can be not only technical flaws . Common mistakes and misunderstandings in identifying security incidents and how to respond to them is also important. Therefore, for the basic protection of the system, it is necessary to identify many factors and the structure, which will identify these factors, scenarios, and the relationship between the security elements for future use will greatly simplify the understanding and construction of the CISS. This structure can be used scenarios for information leaks, taking into consideration information security culture and to further determination of the overall formal assessment of the organization’s security
An example of fuzzy ontology usage for risk assessment and attack impact
No full textThe article discusses the use of fuzzy ontology for assessing risks and impacts of attacks in the field of information security. Fuzzy ontology, which is a formalized way of representing knowledge, offers effective solutions for processing complex and informal processes. The article substantiates the significance of fuzzy logic in structural analysis and presents an example of how new types of attacks influence the ontology. Key findings include the identification of risks associated with attacks through the application of fuzzy sets and entropy theory. The discussion highlights how these methods can enhance threat response and risk management in information systems
