Malicious code analysis aims at a deep understanding of how a piece of malware works: which tactics, techniques and procedures it uses, which tools it employs, and whether it performs network operations, file exfiltration, capture of user or system information, or other activities. In this mini-course, participants will be trained in malicious code analysis techniques for the Windows environment. The course applies a methodology that seeks, incrementally, to aggregate new information about the malware at each stage, comprising the following stages: binary profiling (OSINT), fully automated analysis, binary properties analysis, behaviour analysis and manual reverse analysis.
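The abstract names the stages but not what each one produces. The following is an added example, not course material or code from the authors, showing what the first and third stages look like in practice: it computes the hashes an analyst pivots on in OSINT sources (VirusTotal, sandbox reports, threat-intel feeds) and parses the PE headers for the properties that usually decide where a sample goes next (high-entropy or writable+executable sections pointing at packing, the section containing the entry point, and whether ASLR and DEP/NX were opted into). Header offsets and flag values come from the PE/COFF specification; the 7.0-bit entropy threshold is a common rule of thumb, and the PE image the script runs on is constructed inline and is not a real binary.

```python
"""Static triage for the binary-profiling and binary-properties stages.
Added example; the input PE is constructed below, not real malware."""
import hashlib
import math
import struct
from collections import Counter

# Flag values from the PE/COFF specification
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040   # ASLR opt-in
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100      # DEP/NX opt-in
PACKED_ENTROPY = 7.0  # rule-of-thumb threshold for compressed/encrypted data


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 8.0 is uniformly random, ordinary compiled code is lower."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def pe_properties(blob: bytes) -> dict:
    """Parse DOS header, COFF header, optional header and section table."""
    if blob[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", blob, 0x3C)[0]
    if blob[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from(
        "<HHIIIHH", blob, e_lfanew + 4)
    opt = e_lfanew + 24                     # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", blob, opt)[0]
    entry = struct.unpack_from("<I", blob, opt + 16)[0]
    subsystem, dllchars = struct.unpack_from("<HH", blob, opt + 68)  # same offset in PE32 and PE32+
    sections = []
    for i in range(nsections):              # 40-byte section headers follow the optional header
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", blob, opt + opt_size + 40 * i)
        raw = blob[rawptr:rawptr + rawsize]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "vaddr": vaddr, "vsize": vsize,
            "entropy": round(shannon_entropy(raw), 2),
            "executable": bool(flags & IMAGE_SCN_MEM_EXECUTE),
            "writable": bool(flags & IMAGE_SCN_MEM_WRITE),
        })
    entry_section = next((s["name"] for s in sections
                          if s["vaddr"] <= entry < s["vaddr"] + max(s["vsize"], 1)), None)
    return {"machine": machine, "timestamp": timestamp, "pe32plus": magic == 0x20B,
            "subsystem": subsystem, "entry_section": entry_section, "sections": sections,
            "aslr": bool(dllchars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
            "nx": bool(dllchars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT)}


def triage(blob: bytes) -> dict:
    """Stage 1 artefacts (hashes to pivot on in OSINT sources) plus stage 3 findings."""
    props = pe_properties(blob)
    findings = []
    for s in props["sections"]:
        if s["entropy"] > PACKED_ENTROPY:
            findings.append(f"high-entropy section {s['name']}: possible packing/encryption")
        if s["writable"] and s["executable"]:
            findings.append(f"writable+executable section {s['name']}: unpacking stub or self-modifying code")
    if props["entry_section"] not in (".text", "CODE"):
        findings.append(f"entry point outside a code section ({props['entry_section']})")
    if not props["aslr"]:
        findings.append("ASLR not enabled (DYNAMIC_BASE unset)")
    if not props["nx"]:
        findings.append("DEP/NX not enabled (NX_COMPAT unset)")
    hashes = {alg: hashlib.new(alg, blob).hexdigest() for alg in ("md5", "sha1", "sha256")}
    return {"hashes": hashes, "properties": props, "findings": findings}


def build_sample_pe() -> bytes:
    """Constructed minimal PE32+ image (not a real binary): a repetitive .text
    section and a writable+executable section filled with pseudo-random bytes."""
    text = b"\x48\x89\xe5\x48\x83\xec\x20\xc3" * 32                          # 256 bytes, entropy 2.75
    packed = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))  # 1024 high-entropy bytes
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)                # e_lfanew -> 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 2, 0x5E000000, 0, 0, 240, 0x0022)  # AMD64, 2 sections
    opt = struct.pack("<HBBIIIIIQIIHHHHHHIIIIHHQQQQII",
                      0x20B, 14, 0, len(text), len(packed), 0, 0x1000, 0x1000,  # magic .. BaseOfCode
                      0x140000000, 0x1000, 0x200, 6, 0, 0, 0, 6, 0, 0,          # ImageBase .. Win32VersionValue
                      0x3000, 0x200, 0, 2, 0,                                   # .. Subsystem=GUI, DllCharacteristics=0
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16) + b"\0" * 128  # stack/heap, 16 empty data dirs

    def section(name, vaddr, raw, rawptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, len(raw), vaddr, len(raw), rawptr, 0, 0, 0, 0, flags)

    headers = (dos + b"PE\0\0" + coff + opt
               + section(b".text", 0x1000, text, 0x200, 0x60000020)        # CODE|EXECUTE|READ
               + section(b".packed", 0x2000, packed, 0x400, 0xE0000040))   # DATA|EXECUTE|READ|WRITE
    return headers.ljust(0x200, b"\0") + text.ljust(0x200, b"\0") + packed


if __name__ == "__main__":
    report = triage(build_sample_pe())
    print("sha256:", report["hashes"]["sha256"])
    for finding in report["findings"]:
        print("-", finding)
```

Run against the constructed sample, the report flags the `.packed` section twice (entropy and W+X permissions) and the missing ASLR/NX opt-ins; those findings are what would push a real sample towards a sandbox run and then manual unpacking rather than straight to disassembly. A parser like this deliberately trusts nothing in the file: a malformed `e_lfanew` or section pointer simply yields an empty slice or a `ValueError`, not a crash in the analyst's tooling.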
Cyber threats are increasingly present in our daily lives and represent a great risk for companies. In this context, organisations run breach and attack simulations to generate an action plan and recommendations that must be followed. However, these action plans are the product of the tacit knowledge of specialists. To address this, this research proposes a formal and automatic method for generating prioritised action plans that improve the visibility of the environment. The proposed method is demonstrated through an experiment in which the results were consistent and useful for the scenario in which it was tested.
The time window between the disclosure of a new cyber vulnerability and its use by cybercriminals has been getting smaller over time. Recent episodes, such as the Log4j vulnerability, exemplify this well: within hours of the exploit being released, attackers started scanning the internet for vulnerable hosts in order to deploy threats such as cryptocurrency miners and ransomware on them. It is therefore imperative for a cybersecurity defence strategy to detect threats and their capabilities as early as possible, to maximise the success of prevention actions. Although crucial, discovering new threats is a challenging activity for security analysts because of the immense volume of data and information sources that must be examined for signs that a threat is emerging. In this context, we present a framework for the automatic identification and profiling of emerging threats, using Twitter messages as a source of events and MITRE ATT&CK as a source of knowledge for threat characterisation. The framework comprises three main parts: identification of cyber threats and their names; profiling of each identified threat in terms of its intentions or goals, using two machine learning layers to filter and then classify tweets; and alarm generation based on the threat's risk. The main contribution of our work is the approach to characterising, or profiling, the identified threats in terms of their intentions or goals, which provides additional context on the threat and avenues for mitigation. In our experiments the profiling stage reached an F1 score of 77% in correctly profiling discovered threats.

Index Terms: cyber threat discovery, cyber threat profiling, emerging threats, machine learning, NLP, OSINT.