Yau Ti Dun scite author profile

Yau Ti Dun

4Publications

2Citation Statements Received

22Citation Statements Given

How they've been cited

How they cite others

Affiliations

Universiti Malaysia Pahang, Jabatan Perkhidmatan Awam Malaysia

Publications

Order By: Most citations

Hermes Ransomware v2.1 Action Monitoring using Next Generation Security Operation Center (NGSOC) Complex Correlation Rules

Dun¹,

Razak²,

Zolkipli³

et al. 2022

View full text Add to dashboard Cite

A new malware is identified every fewer than five seconds in today's threat environment, which is changing at a rapid speed. As part of cybercrime, there is a lot of malware activity that can infect the system and make it problematic. Cybercrime is a rapidly growing field, allowing cyber thieves to engage in a wide range of damaging activities. Hacking, scams, child pornography, and identity theft are all examples of cybercrime. Cybercrime victims might be single entities or groups of persons who are being targeted for harm. Cybercrime and malware become more hazardous and damaging because of these factors. Subsequent to these factors, there is a need to construct Next Generation Security Operation Centers (NGSOCs). SOC consists of human resources, processes, and technology designed to deal with security events derived from the Security Incident Event Management (SIEM) log analysis. This research examines how Next Generation Security Operation Centers (NGSOCs) respond to malicious activity. This study develops a use case to detect the latest Hermes Ransomware v2.1 malware using complex correlation rules for the SIEM anomalies engine. This study aims to analyze and detect Hermes Ransomware v2.1. As a result, NGSOC distinguishes malware activities' initial stages by halting traffic attempts to download malware. By forwarding logs to SIEM, the use case can support Threat Analyst in finding other Indicators of Compromise (IOC) to assist organizations in developing a systematic and more preemptive approach for ransomware detection.

show abstract

Cyber-attack Group Representation based on Adversary Artifacts with Machine Learning

Mustafar

Zainal

Ariffin

et al. 2022

View full text Add to dashboard Cite

Coinhive’s Monero Drive-by Crypto-jacking

Aziz

Ngah

Dun

et al. 2020

IOP Conf. Ser.: Mater. Sci. Eng.

View full text Add to dashboard Cite

This paper provides study of behaviour on a drive-by crypto-jacking, specifically Coinhive’s Monero. Crypto-jacking is a form of cyber threat where a host machine’s processing power hijacked thru infected website to solve cryptographic puzzles as an unwitting participant. The sample study share host machine and network behaviours when host visited websites that have been embedded with Coinhive’s Monero related script. These data collection of behaviour can be utilize to identify and detect Coinhive’s Monero mining activities in networks.

show abstract

Performance Analysis on Denial of Service attack using UNSW-NB15 Dataset

Kamarudin

Razak

Firdaus

et al. 2021

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yau Ti Dun

Hermes Ransomware v2.1 Action Monitoring using Next Generation Security Operation Center (NGSOC) Complex Correlation Rules

Cyber-attack Group Representation based on Adversary Artifacts with Machine Learning

Coinhive’s Monero Drive-by Crypto-jacking

Performance Analysis on Denial of Service attack using UNSW-NB15 Dataset

Contact Info

Product

Resources

About