7 research outputs found

    A Reference Model for Cyber Threat Intelligence (CTI) Systems

    Cyber Threat Intelligence (CTI) is a new but promising field of information security, with many organizations investing in the development of proper tools and services and the integration of CTI related information. However, as a new field, there is a lack of a conceptual framework with corresponding definitions. This paper discusses CTI complexity factors, proposes a set of definitions of the CTI key concepts and an eight-layer CTI Reference Model as a base for CTI systems design. In addition, the proposed reference model is validated by applying it to three case studies, producing the respective CTI Reference Architectures

    Applying BERT for Early-Stage Recognition of Persistence in Chat-Based Social Engineering Attacks

    Chat-based social engineering (CSE) attacks are attracting increasing attention in the Small-Medium Enterprise (SME) environment, given the ease and potential impact of such an attack. During a CSE attack, malicious users will repeatedly use linguistic tricks to eventually deceive their victims. Thus, to protect SME users, it would be beneficial to have a cyber-defense mechanism able to detect persistent interlocutors who repeatedly bring up critical topics that could lead to sensitive data exposure. We build a natural language processing model, called CSE-PersistenceBERT, for paraphrase detection to recognize persistency as a social engineering attacker’s behavior during a chat-based dialogue. The CSE-PersistenceBERT model consists of a pre-trained BERT model fine-tuned using our handcrafted CSE-Persistence corpus; a corpus appropriately annotated for the specific downstream task of paraphrase recognition. The model identifies the linguistic relationship between the sentences uttered during the dialogue and exposes the malicious intent of the attacker. The results are satisfactory and prove the efficiency of CSE-PersistenceBERT as a recognition mechanism of a social engineer’s persistent behavior during a CSE attack

    OMTP: combining TCP and UDP for multimedia streaming

    In this paper we present the Overlay Media Transport Protocol (OMTP), a novel yet simple protocol, which combines the fairness and congestion control of TCP with the minimalist approach of UDP to deliver high performance for multimedia streaming in a flexible and efficient way. No modification is needed on either TCP or UDP. Furthermore, OMTP can be used within any type of TCP/IP based network and can be applied to single or multiple levels of multimedia stream quality

    Inter-UAV Routing Scheme Testbeds

    With the development of more advanced and efficient control algorithms and communication architectures, UAVs and networks thereof (swarms) now find applications in nearly all possible environments and scenarios. There exist numerous schemes which accommodate routing for such networks, many of which are specifically designed for distinct use-cases. Validation and evaluation of routing schemes is implemented for the most part using simulation software. This approach is however incapable of considering real-life noise, radio propagation models, channel bit error rate and signal-to-noise ratio. Most importantly, existing frameworks or simulation software cannot sense physical-layer related information regarding power consumption which an increasing number of routing protocols utilize as a metric. The work presented in this paper contributes to the analysis of already existing routing scheme evaluation frameworks and testbeds and proposes an efficient, universal and standardized hardware testbed. Additionally, three interface modes aimed at evaluation under different scenarios are provided

    CSE-ARS: Deep Learning-Based Late Fusion of Multimodal Information for Chat-Based Social Engineering Attack Recognition

    With the increasing prevalence of chat-based social engineering (CSE) attacks targeting unsuspecting users, the need for robust defenses has never been more critical. In this paper, we introduce Chat-based Social Engineering Attack Recognition System (CSE-ARS), an innovative and effective CSE defense system. CSE-ARS employs a late fusion strategy that integrates the findings of five specialized deep learning models, each focused on detecting distinct CSE attack enablers: critical information leakage recognizer (CRINL-R), personality traits recognizer (PERST-R), dialogue acts recognizer (DIACT-R), persuasion recognizer (PERSU-R), persistence recognizer (PERSI-R). The system harnesses weighted linear aggregation and employs simulated annealing with 10-fold cross-validation, ensuring optimal model performance. CSE-ARS is trained on the CSE-ARS Corpus, a carefully curated dataset tailored to the intricacies of CSE attacks. Extensive evaluation reveals that CSE-ARS achieves satisfactory results in identifying and neutralizing CSE threats, enhancing user security in online interactions

    Achieving Security and Privacy in NG-IoT Using Blockchain Techniques

    The centralization of data is a current practice in information systems that does not fit into the novel next-generation computing concept. Such a paradigm aims to support the distribution of information, processing, and computing power. Blockchain is a technology supporting the recording of information for distributed and decentralized, peer-to-peer applications, that has emerged in the last decade, with the initial focus being on the finance sector. A highly valuable feature of blockchain is its capability of enhancing the security of data due to the immutability of the information stored on the ledger. In this chapter, the definition, details, applications, and benefits of this technology will be explored. In addition, the ways in which blockchain increases security and privacy will be described. Finally, the pairing of blockchain with other next-generation, cutting-edge technologies will be investigated