Proposed Approach for Targeted Attacks Detection

Ghafir, Ibrahim; Přenosil, Václav

doi:10.1007/978-3-319-24584-3_7

Cited by 21 publications

(21 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Security and privacy issues are a major vulnerability to any technology, this can become quite serious if not treated correctly by adopting the appropriate methods [15], [16], [17], [18], [19], [20]. It has been known in recent years that RFID contactless cards have one of the most serious vulnerabilities due to the accessibility of RFID readers that can be bought online.…”

Section: Related Workmentioning

confidence: 99%

Internet of Things Security: A review on the RFID contactless security protocols

Outteridge

2018

Preprint

View full text Add to dashboard Cite

The advancement of technology that have been produced for Internet of Things (IoT) security has grown significantly and exponentially over the years. This has caused a major impact in the world of IoT security as technological companies have to keep up with the ever-changing security protocols. The Radio Frequency Identification (RFID) technology has recently gained popularity in the world of IoT, this is due to the RFID chips involvement within credit and debit cards to allow them to become contactless. This survey will produce an in-depth discussion about the background of RFID, the relevance of RFID in today's society, related work, the advantages and disadvantages of RFID and finally a solution to the RFID contactless.

show abstract

Section: Related Workmentioning

confidence: 99%

Internet of Things Security: A review on the RFID contactless security protocols

Outteridge

2018

Preprint

View full text Add to dashboard Cite

show abstract

“…To address those weaknesses, a new approach for APT detection has been presented in [14], and this paper is a step towards developing the proposed system.…”

Section: Related Workmentioning

confidence: 99%

“…A novel approach for APT detection is proposed in [14]. The suggested system undergoes two main phases, the first one detects eight techniques commonly used in APT life cycle.…”

mentioning

confidence: 99%

Disguised executable files in spear-phishing emails: Detecting the point of entry in advanced persistent threat

Ghafir¹,

Hammoudeh²,

Přenosil³

2017

Preprint

Self Cite

View full text Add to dashboard Cite

Advanced Persistent Threat (APT) is one of the most serious types of cyber attacks, which is a new and more complex version of multi-step attack. Within the APT life cycle, the most common technique used to get the point of entry is spear-phishing emails which may contain disguised executable files. This paper presents the disguised executable file detection (DeFD) module, which aims at detecting disguised exe files transferred over the connections. The detection is based on a comparison between the MIME type of the transferred file and the file name extension.This module was experimentally evaluated and the results show successful detection of disguised executable files.

show abstract

“…With the emergence of smart cities, the opportunities of gain for malicious attackers have grown, along with their motivation. Great damage and substantial financial loss have been caused by malware, botnets [3,4] and targeted attacks [5,6] through deceiving the user to connect to malicious domains or websites [7,8]. Although intrusion detection systems [9] and monitoring tools [10,11] play a significant role in the network security, the human factor should be taken into consideration.…”

Section: Introductionmentioning

confidence: 99%

Security threats to critical infrastructure: the human factor

et al. 2018

Self Cite

View full text Add to dashboard Cite

In the twenty-first century, globalisation made corporate boundaries invisible and difficult to manage. This new macroeconomic transformation caused by globalisation introduced new challenges for critical infrastructure management. By Security threats to critical infrastructure: the human… 4987 replacing manual tasks with automated decision making and sophisticated technology, no doubt we feel much more secure than half a century ago. As the technological advancement takes root, so does the maturity of security threats. It is common that today's critical infrastructures are operated by non-computer experts, e.g. nurses in health care, soldiers in military or firefighters in emergency services. In such challenging applications, protecting against insider attacks is often neither feasible nor economically possible, but these threats can be managed using suitable risk management strategies. Security technologies, e.g. firewalls, help protect data assets and computer systems against unauthorised entry. However, one area which is often largely ignored is the human factor of system security. Through social engineering techniques, malicious attackers are able to breach organisational security via people interactions. This paper presents a security awareness training framework, which can be used to train operators of critical infrastructure, on various social engineering security threats such as spear phishing, baiting, pretexting, among others.Keywords Critical infrastructure security · Security awareness · Cyber security training · Work-based security training · Security threats against critical infrastructure

show abstract

Proposed Approach for Targeted Attacks Detection

Cited by 21 publications

References 7 publications

Internet of Things Security: A review on the RFID contactless security protocols

Internet of Things Security: A review on the RFID contactless security protocols

Disguised executable files in spear-phishing emails: Detecting the point of entry in advanced persistent threat

Security threats to critical infrastructure: the human factor

Contact Info

Product

Resources

About