Projects per year
Information Technology plays an increasingly important role in the provision of essential services. For these systems and networks to be reliable and trustworthy, we must defend them from those who would seek to compromise their Confidentiality, Integrity and Availability. Security intelligence tells us about the Tactics, Techniques and Procedures used by threat actors for these very purposes. In this paper, we introduce a novel method for learning malicious behaviours and then estimating how likely it is that a system has been compromised. One of the difficulties encountered when applying machine learning to cyber security, is the lack of ground truth on which to train supervised techniques. This is often compounded by the volume, variety and velocity of data which is far greater than can be processed using only human analyses. The technique, known as LeWiS, includes data preparation and processing phases that learn and later predict the presence of threat actors using a model of their behaviours. The method addresses the problems of scale and veracity, by learning Indicators of Attack via feature extraction from security intelligence that has been obtained through empirical methods. This approach shows promising classification performance for detecting learned malicious behaviours, within synthesised systems' event data.
|Title of host publication||Proceedings of the 17th International Conference on Web Information Systems and Technologies - WEBIST 2021|
|Number of pages||12|
|Publication status||Published - 28 Oct 2021|
|Event||International Conference on Web Information Systems and Technologies - Online, Valletta, Malta|
Duration: 26 Oct 2021 → 28 Oct 2021
Conference number: 17
|Conference||International Conference on Web Information Systems and Technologies|
|Period||26/10/21 → 28/10/21|
- cyber security
- estimation methods
- threat intelligence
- machine learning
FingerprintDive into the research topics of 'The LeWiS method: target variable estimation using cyber security intelligence'. Together they form a unique fingerprint.
- 1 Active
Mohasseb, A. & Aziz, B.
1/10/20 → 1/10/25