ATTACK2VEC: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks

Despite the fact that cyberattacks are constantly growing in complexity, the research community still lacks effective tools to easily monitor and understand them. In particular, there is a need for techniques that are able to not only track how prominently certain malicious actions, such as the exploitation of specific vulnerabilities, are exploited in the wild, but also (and more importantly) how these malicious actions factor in as attack steps in more complex cyberattacks. In this paper we present ATTACK2VEC, a system that uses temporal word embeddings to model how attack steps are exploited in the wild, and track how they evolve. We test ATTACK2VEC on a dataset of billions of security events collected from the customers of a commercial Intrusion Prevention System over a period of two years, and show that our approach is effective in monitoring the emergence of new attack strategies in the wild and in flagging which attack steps are often used together by attackers (e.g., vulnerabilities that are frequently exploited together). ATTACK2VEC provides a useful tool for researchers and practitioners to better understand cyberattacks and their evolution, and use this knowledge to improve situational awareness and develop proactive defenses

Deriving modernity signatures of codebases with static analysis

This paper addresses the problem of determining the modernity of software systems by analysing the use of new language features and their adoption over time. We propose the concept of modernity signatures to estimate the age of a codebase, naturally adjusted for maintenance practices, such that the modernity of a regularly updated system would be above that of a more recently created one which neglects current features and best practices. This can provide insights into coding practices, codebase health and the evolution of software languages. We present case studies on PHP and Python code, demonstrating the effectiveness of modernity signatures in determining the age of a codebase without executing the code or performing extensive human inspection. The paper describes the technical implementation details of generating the modernity signature for both of these languages, including the use of existing tools like the PHP parser and Vermin. The findings suggest that modernity signatures can aid developers in many ways from choosing whether to use a system or how to approach its maintenance, to assessing usefulness of a language feature, thus providing a valuable tool for source code analysis and manipulation

Attack2vec: Leveraging temporal word embeddings to understand the evolution of cyberattacks

Despite the fact that cyberattacks are constantly growing in complexity, the research community still lacks effective tools to easily monitor and understand them. In particular, there is a need for techniques that are able to not only track how prominently certain malicious actions, such as the exploitation of specific vulnerabilities, are exploited in the wild, but also (and more importantly) how these malicious actions factor in as attack steps in more complex cyberattacks. In this paper we present ATTACK2VEC, a system that uses temporal word embeddings to model how attack steps are exploited in the wild, and track how they evolve. We test ATTACK2VEC on a dataset of billions of security events collected from the customers of a commercial Intrusion Prevention System over a period of two years, and show that our approach is effective in monitoring the emergence of new attack strategies in the wild and in flagging which attack steps are often used together by attackers (e.g., vulnerabilities that are frequently exploited together). ATTACK2VEC provides a useful tool for researchers and practitioners to better understand cyberattacks and their evolution, and use this knowledge to improve situational awareness and develop proactive defenses.Accepted manuscrip

Web Content Management Systems, a Collaborative Environment in the Information Society

The aim of the present paper is to analyze the main models of collaboration and the use of a Web CMS, in order to develop an online community. Taking into consideration the multitude of the existing Web CMSs on the market and their diverse functionalities, we conducted a prospective study that tests the development trends in the field, with the view of finding out which are the most important Web CMSs in practice, and which are the most important functionalities they have to possess, in order to develop a collaborative online community. The results of the study show that the most popular Web CMS is Joomla, and the most widespread programming language is PHP. Likewise, we consider that this study can help the entry-level web developers to get an overview of the most popular Web CMSs, and their functionalities.collaboration, content management, web content management systems

EvalEdit - Online Editor for E-learning Tests

As our society has gradually changed in the past few years with the new technology, the internet has become more and more present at our workplace and in our learning methods. The internet brought us an easier access to information offering a range of tools and capabilities to workers. Teaching and learning has changed since the technological explosion. The related aspects to their effectiveness are: time, place, delivery process and learning process. In this article we'll try to explain the associated concepts with e-learning, like the stakeholders involved, the technology and the provided products and services, and other related issues and trends.Internet, E-learning, Information Communications Technology, PHP, MySQL, Databases