Browse by author "Carlsson, A."
Now showing 1 - 4 of 4

Publication
Detecting cyber threats through social network analysis: short survey (SocioEconomic Challenges, Volume 1, Issue 1, 2017)
Kirichenko, L.; Radivilova, T.; Carlsson, A.
This article considers a short survey of basic methods of social network analysis, which are used for detecting cyber threats. The main types of social network threats are presented. Basic methods of graph theory and data mining that deal with social network analysis are described. Typical security tasks of social network analysis, such as community detection in a network, detection of leaders in communities, detection of experts in networks, clustering of text information and others, are considered.

Publication
Discovering New Indicators for Botnet Traffic Detection (EWDTS, 2014)
Adamov, A.; Hahanov, V.; Carlsson, A.
Botnets became the powerful cyber weapon that involves tens of millions of infected computers – “cyber zombies” – all over the world. The security industry makes efforts to prevent spreading botnets and compromising an Individual Cyberspace (IC) [1] of users in such a way. However, botnets continue existing despite numerous takedowns initiated by antivirus companies, Microsoft, FBI, Europol and others. In this paper we investigate existing methods of traffic detection, represented mostly by IDS systems, and discover new indicators that can be utilized for improving botnet traffic detection. To do this we analyse the most prevalent backdoor communication protocols that stand behind the popular botnets. As a result, we extracted new data that might be used in detection routines of an IDS (Intrusion Detection System). An objective of the study is mining new indicators of compromise from botnet traffic and using them to identify cyber-attacks on the IC. The analysis method assumes analysis of the communication protocols of the top botnet backdoors. The discovered results that can be used to improve detection of infected hosts in a local network are presented in this paper.
Modern society sees an increase in cyber attacks, which antivirus and other security companies attempt to mitigate. Nowadays an Individual Cyberspace is highly vulnerable to identity and money theft on the Internet. The most widespread and dangerous threat for every Internet user is botnets, which conquer more and more user computers and turn them into “cyber zombies”. Despite numerous takedown attempts, the botnets are still alive and continue successfully stealing users’ credentials. Detecting a botnet is a complex task for two major reasons: the use of encryption for transferred data, and the involvement of numerous infected bots as proxy layers to deliver data to the C&C. Currently the botnets have become unbreakable, despite the recent takedowns of the Kelihos and Zeus botnets, because of the distributed nature of botnets and the use of several layers of proxy-bots. The latest Tovar Operation, jointly run by FBI, NCA, Europol and antivirus companies in the beginning of June, disconnected Zeus bots from mothership C&C (Command and Control) servers.

Publication
Educating the Next Generation MSc in Cyber Security (2019)
Carlsson, A.; Sokolianska, I.; Adamov, A.
The degree project is conducted at the end of the education programs that lead to Bachelor’s, Master’s, and Master of Science in Engineering (MSE) degrees. The purpose of the project for a student is to practice the necessary skills used to independently define, plan, conduct, and present a project. The projects focus on research, on development, or contain a blend of both.

Publication
Vulnerability management models (KhNURE, 2012)
Hahanov, V. I.; Carlsson, A.; Chumachenko, S. V.; Butenko, S. A.
A mathematical apparatus is proposed for creating an infrastructure for software-hardware telecommunication information cyber systems (CS), oriented toward protection against unauthorized access to the services defined in the system specification through penetration via legitimate component interaction interfaces that have vulnerabilities.
The infrastructure of protective services is created together with the cyber system and accompanies it throughout its entire life cycle, serving all subsequent modifications of the CS, and itself continually increases its intelligence by replenishing the history and the libraries of constructive and destructive components.