Publication:EDCC 2018
Abstract Cybercrime has steadily increased over the last years, being nowadays the greatest security concern of most enterprises. Institutions often protect themselves from attacks by employing intrusion detection systems (IDS) that analyze the payload of packets to find matches with rules representing threats. However, the accuracy of these systems is as good as the knowledge they have about the threats. Nowadays, with the continuous flow of novel forms of sophisticated attacks and their variants, it is a challenge to keep an IDS updated. Open Source Intelligence (OSINT) could be explored to effectively obtain this knowledge, by retrieving information from diverse sources. This paper proposes a fully automated approach to update the IDS knowledge, covering the full cycle from OSINT data feed collection until the installation of new rules and blacklists. The approach was implemented as the IDSoSint system and was assessed with 49 OSINT feeds and production traffic. It was able to identify in real time various forms of malicious activities, including botnet C&C servers communications, remote access applications, brute-force attacks, and phishing events.
Author Ivo Vacas + , Ibéria Medeiros + , Nuno Ferreira Neves +
Booktitle Proceedings of the 14th European Dependable Computing Conference (EDCC)  +
Key EDCC 2018  +
Month sep  +
NumPubDate 2,018.09  +
Project Project:DiSIEM +
ResearchLine Fault and Intrusion Tolerance in Open Distributed Systems (FIT) +
Title Detecting Network Threats using OSINT Knowledge-based IDS  +
Type inproceedings  +
Year 2018  +
Has improper value for Url  +
Categories Publication  +
Modification date 3 July 2018 00:35:23  +