Target threat assessment using fuzzy sets theory

The threat evaluation is significant component in target classification process and is significant in military and non military applications. Small errors or mistakes in threat evaluation and target classification especial in military applications can result in huge damage of life and property. Threat evaluation helps in case of weapon assignment, and intelligence sensor support system. It is very important factor to analyze the behavior of enemy tactics as well as our surveillance. This paper represented a precise description of the threat evaluation process using fuzzy sets theory. A review has been carried out regarding which parameters that have been suggested for threat value calculation. For the first time in this paper, eleven parameters are introduced for threat evaluation so that this parameters increase the accuracy in designed system. The implemented threat evaluation system has been applied to a synthetic air defense scenario and four real time dynamic air defense scenarios. The simulation results show the correctness, accuracy, reliability and minimum errors in designing of threat evaluation syste

The improvement of uncertainty measurements accuracy in sensor networks based on fuzzy dempster-shafer theory

Threat Assessment is one of the most important components in combat management systems. However, uncertainty is one of the problems that occur in the input data of these systems that have been provided using several sensors in sensor networks. In literature, there are some theories that state and model uncertainty in the information. One of the new methods is the Fuzzy Dempster-Shafer Theory. In this paper, a model-based uncertainty is presented in the air defense system based on the Fuzzy Dempster-Shafer Theory to measure uncertainty and its accuracy. This model uses the two concepts naming of the Fuzzy Sets Theory, and the Dempster-Shafer Theory. The input parameters to sensors are fuzzy membership functions, and the basic probability assignment values are earned from the Dempster-Shafer Theory. Therefore, in this paper, the combination of two methods has been used to calculate uncertainty in the air defense system. By using these methods and the output of the Dempster-Shafer theory are calculated and presented the uncertainty diagrams. The advantage of the combination of two theories is the better modeling of uncertainties. This makes that the output of the air defense system is more reliable and accurate. In this method, the air defense system’s total uncertainty is measured using the best uncertainty measure based on the Fuzzy Dempster-Shafer Theory. The simulation results show that this new method has increased the accuracy to 97% that is more computational toward other theories. This matter significantly increases the computational accuracy of the air defense system in targets threat assessment

A new model for threat assessment in data fusion based on fuzzy evidence theory

In this paper a new method for threat assessment is proposed based on Fuzzy Evidence Theory. The most widely classical and intelligent methods used for threat assessment systems will be Evidence or Dempster Shafer and Fuzzy Sets Theories. The disadvantage of both methods is failing to calculate of uncertainty in the data from the sensors and the poor reliability of system. To fix this flaw in the system of dynamic targets threat assessment is proposed fuzzy evidence theory as a combination of both Dempster- Shafer and Fuzzy Sets Theories. In this model, the uncertainty in input data from the sensors and the whole system is measured using the best measure of the uncertainty. Also, a comprehensive comparison is done between the uncertainty of fuzzy model and fuzzy- evidence model (proposed method). This method applied to a real time scenario for air threat assessment. The simulation results show that this method is reasonable, effective, accuracy and reliability

NLP-Based Techniques for Cyber Threat Intelligence

In the digital era, threat actors employ sophisticated techniques for which, often, digital traces in the form of textual data are available. Cyber Threat Intelligence~(CTI) is related to all the solutions inherent to data collection, processing, and analysis useful to understand a threat actor's targets and attack behavior. Currently, CTI is assuming an always more crucial role in identifying and mitigating threats and enabling proactive defense strategies. In this context, NLP, an artificial intelligence branch, has emerged as a powerful tool for enhancing threat intelligence capabilities. This survey paper provides a comprehensive overview of NLP-based techniques applied in the context of threat intelligence. It begins by describing the foundational definitions and principles of CTI as a major tool for safeguarding digital assets. It then undertakes a thorough examination of NLP-based techniques for CTI data crawling from Web sources, CTI data analysis, Relation Extraction from cybersecurity data, CTI sharing and collaboration, and security threats of CTI. Finally, the challenges and limitations of NLP in threat intelligence are exhaustively examined, including data quality issues and ethical considerations. This survey draws a complete framework and serves as a valuable resource for security professionals and researchers seeking to understand the state-of-the-art NLP-based threat intelligence techniques and their potential impact on cybersecurity

A multiple-perspective approach for insider-threat risk prediction in cyber-security

Currently governments and research communities are concentrating on insider threat matters more than ever, the main reason for this is that the effect of a malicious insider threat is greater than before. Moreover, leaks and the selling of the mass data have become easier, with the use of the dark web. Malicious insiders can leak confidential data while remaining anonymous. Our approach describes the information gained by looking into insider security threats from the multiple perspective concepts that is based on an integrated three-dimensional approach. The three dimensions are human issue, technology factor, and organisation aspect that forms one risk prediction solution. In the first part of this thesis, we give an overview of the various basic characteristics of insider cyber-security threats. We also consider current approaches and controls of mitigating the level of such threats by broadly classifying them in two categories: a) technical mitigation approaches, and b) non-technical mitigation approaches. We review case studies of insider crimes to understand how authorised users could harm their organisations by dividing these cases into seven groups based on insider threat categories as follows: a) insider IT sabotage, b) insider IT fraud, c) insider theft of intellectual property, d) insider social engineering, e) unintentional insider threat incident, f) insider in cloud computing, and g) insider national security. In the second part of this thesis, we present a novel approach to predict malicious insider threats before the breach takes place. A prediction model was first developed based on the outcomes of the research literature which highlighted main prediction factors with the insider indicator variables. Then Bayesian network statistical methods were used to implement and test the proposed model by using dummy data. A survey was conducted to collect real data from a single organisation. Then a risk level and prediction for each authorised user within the organisation were analysed and measured. Dynamic Bayesian network model was also proposed in this thesis to predict insider threats for a period of time, based on data collected and analysed on different time scales by adding time series factors to the previous model. Results of the verification test comparing the output of 61 cases from the education sector prediction model show a good consistence. The correlation was generally around R-squared =0.87 which indicates an acceptable fit in this area of research. From the result we expected that the approach will be a useful tool for security experts. It provides organisations with an insider threat risk assessment to each authorised user and also organisations can discover their weakness area that needs attention in dealing with insider threat. Moreover, we expect the model to be useful to the researcher's community as the basis for understanding and future research

Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation

The rapid growth of the Internet interconnectivity and complexity of communication systems has led us to a significant growth of cyberattacks globally often with severe and disastrous consequences. The swift development of more innovative and effective (cyber)security solutions and approaches are vital which can detect, mitigate and prevent from these serious consequences. Cybersecurity is gaining momentum and is scaling up in very many areas. This book builds on the experience of the Cyber-Trust EU project’s methods, use cases, technology development, testing and validation and extends into a broader science, lead IT industry market and applied research with practical cases. It offers new perspectives on advanced (cyber) security innovation (eco) systems covering key different perspectives. The book provides insights on new security technologies and methods for advanced cyber threat intelligence, detection and mitigation. We cover topics such as cyber-security and AI, cyber-threat intelligence, digital forensics, moving target defense, intrusion detection systems, post-quantum security, privacy and data protection, security visualization, smart contracts security, software security, blockchain, security architectures, system and data integrity, trust management systems, distributed systems security, dynamic risk management, privacy and ethics

Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation

The rapid growth of the Internet interconnectivity and complexity of communication systems has led us to a significant growth of cyberattacks globally often with severe and disastrous consequences. The swift development of more innovative and effective (cyber)security solutions and approaches are vital which can detect, mitigate and prevent from these serious consequences. Cybersecurity is gaining momentum and is scaling up in very many areas. This book builds on the experience of the Cyber-Trust EU project’s methods, use cases, technology development, testing and validation and extends into a broader science, lead IT industry market and applied research with practical cases. It offers new perspectives on advanced (cyber) security innovation (eco) systems covering key different perspectives. The book provides insights on new security technologies and methods for advanced cyber threat intelligence, detection and mitigation. We cover topics such as cyber-security and AI, cyber-threat intelligence, digital forensics, moving target defense, intrusion detection systems, post-quantum security, privacy and data protection, security visualization, smart contracts security, software security, blockchain, security architectures, system and data integrity, trust management systems, distributed systems security, dynamic risk management, privacy and ethics