Proposal and Evaluation of Cyber Defense System Using Blacklist Refined Based on Authentication Results

Nakakoji, Hirofumi; Yasuhiro, Fujii; Isobe, Yusuke; Shigemoto, Tomohiro; Kito, Tetsuro; Hayashi, Naoki; Kawaguchi, Nobutaka; Shimotsuma, Naoki; Kikuchi, Hiroaki

doi:10.1109/nbis.2016.25

Cited by 4 publications

(2 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In contrast, white-list technique is used to gather and classify the information of reliable sources for legitimate uses [153]. The application of white-list or blacklist techniques have been studied in the literature [43,22,112]. In [112], the authors proposed an authentication-based approach which classifies the access to the Uniform Resource Locators (URLs) based on three defined lists: white-list, blacklist, or gray-list.…”

Section: F Anomaly Detectionmentioning

confidence: 99%

“…The application of white-list or blacklist techniques have been studied in the literature [43,22,112]. In [112], the authors proposed an authentication-based approach which classifies the access to the Uniform Resource Locators (URLs) based on three defined lists: white-list, blacklist, or gray-list. They showed that the proposed system can improve the accuracy of the suspicious the gray-list, white-list, and black-list, and further reduce the authentication frequency for the user accessing the URLs.…”

Section: F Anomaly Detectionmentioning

confidence: 99%

See 1 more Smart Citation

A Survey on Threat Situation Awareness Systems: Framework, Techniques, and Insights

Alavizadeh¹,

Jang-Jaccard²,

Enoch³

et al. 2021

Preprint

View full text Add to dashboard Cite

Cyberspace is full of uncertainty in terms of advanced and sophisticated cyber threats which are equipped with novel approaches to learn the system and propagate themselves, such as AI-powered threats. To debilitate these types of threats, a modern and intelligent Cyber Situation Awareness (SA) system need to be developed which has the ability of monitoring and capturing various types of threats, analyzing and devising a plan to avoid further attacks. This paper provides a comprehensive study on the current state-of-the-art in the cyber SA to discuss the following aspects of SA: key design principles, framework, classifications, data collection, and analysis of the techniques, and evaluation methods. Lastly, we highlight misconceptions, insights and limitations of this study and suggest some future work directions to address the limitations.

show abstract