Free English article on collaborative intrusion detection for boosting cyber threat intelligence – Elsevier 2022

 

Article details
Translated article title: Boosting cyber threat intelligence through collaborative intrusion detection
English article title: Boosting Cyber-Threat Intelligence via Collaborative Intrusion Detection
Publication year: 2022
Number of pages of the English article: 2222 pages
Download cost: the English article is free.
Publisher database: Elsevier
Type of writing: Research Article
Base article: this article is a base article
Index: Scopus – Master Journal List – JCR
Article type: ISI
English article format: PDF
Impact Factor (IF): 8.872 in 2020
H-index: 134 in 2022
SJR: 2.233 in 2020
ISSN: 0167-739X
Quartile: Q1 in 2020
Hypothesis: none
Conceptual model: yes
Questionnaire: none
Variable: none
References: yes
Related fields: Computer Engineering – Information Technology Engineering
Related specializations: Software Engineering – Internet and Wide Area Networks – Artificial Intelligence – Information Security
Presentation type: Journal
Journal: Future Generation Computer Systems
University: Institute for High Performance Computing and Networking, Italy
Keywords: Cyber threat intelligence architecture – Security data enrichment – Active learning – Intrusion detection system – Threat analysis – SIEM
English keywords: Cyber Threat Intelligence architecture – Security data enrichment – Active Learning – Intrusion Detection System – Threat analytics – SIEM
Digital identifier (DOI):
https://doi.org/10.1016/j.future.2022.04.028
Product code: e16706

 

Table of contents of the article:
Abstract
1. Introduction
2. Background and related works
3. The ORISHA Platform
4. Experimental analysis
5. Conclusions
CRediT authorship contribution statement
Declaration of Competing Interest
Acknowledgments
References

Excerpt from the article:

Abstract

     Sharing threat events and Indicators of Compromise (IoCs) enables quick and crucial decision making relative to effective countermeasures against cyberattacks. However, the current threat information sharing solutions do not allow easy communication and knowledge sharing among threat detection systems (in particular Intrusion Detection Systems (IDS)) exploiting Machine Learning (ML) techniques. Moreover, the interaction with the expert, which represents an important component to gather verified and reliable input data for the ML algorithms, is weakly supported. To address all these issues, ORISHA, a platform for ORchestrated Information SHaring and Awareness enabling the cooperation among threat detection systems and other information awareness components, is proposed here. ORISHA is backed by a distributed Threat Intelligence Platform based on a network of interconnected Malware Information Sharing Platform instances, which enables the communication with several Threat Detection layers belonging to different organizations. Within this ecosystem, Threat Detection Systems mutually benefit by sharing knowledge that allows them to refine the underlying predictive accuracy. Uncertain cases, i.e. examples with low anomaly scores, are proposed to the expert, who acts with the role of oracle in an Active Learning scheme. By interfacing with a honeynet, ORISHA allows for enriching the knowledge base with further positive attack instances and then yielding robust detection models. An experimentation conducted on a well-known Intrusion Detection benchmark demonstrates the validity of the proposed architecture.

Introduction

     Nowadays, organizations and users face an enormous amount of sophisticated, targeted and widespread cyberattacks. Malicious actors were proven able to compromise government computer systems as well as user devices, causing various types of damage. Phishing, identity theft, information leakage, DDoS and botnets represent some examples of popular threats that occurred in 2020 [1]. The outbreak of COVID-19 has further exacerbated this situation. As the virus spread during the early part of 2020, the number of cyberattacks against organizations grew exponentially, reaching a peak in April [2], [3]. The pandemic unveiled different vulnerabilities of well-known platforms, applications and systems, and simultaneously stimulated the interest in promoting the usage of information sharing technologies to increase the degree of security for enterprises and organizations.

Conclusions

     Security intelligence and data analytics techniques can be used to strengthen the capabilities of cybersecurity applications in various vertical domains and use cases. These techniques can largely benefit from mechanisms to share digital evidence and ensure interoperability. The current Threat Intelligence platforms do not provide native mechanisms to incorporate such mechanisms, especially when data-driven and AI-powered threat detection systems are involved. ORISHA is a first attempt to enable a sharing and interoperability protocol among such components, based solely on a data-oriented approach. This simple, flexible strategy and data formats for collaborative threat intelligence can trigger specific advantages: improving the alert effectiveness by reducing the amount of false positive alerts; better contextualizing threat data with the contribution of multiple actors; boosting trust among producers and consumers of threat intelligence information; and strengthening the robustness of machine learning and deep learning models adopted by security applications. An experimental evaluation, conducted on a well-known IDS benchmark, demonstrates how merging data sharing and active learning strategies can improve the detection capabilities of the MISP network, allowing undetected attacks to be discovered.
