The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Sophisticated attacks on Energy Delivery Systems (EDS) are no longer theoretical, and instead pose a serious threat to American economies. The EDS community has worked collaboratively to develop security requirements to protect EDS against such attacks, but the documents that contain these requirements are often dense, ambiguous and difficult for humans to understand, resulting in highly subjective...
Honeynet is a network architecture that utilizes multiple honeypots to deceive attackers and analyze their malicious behaviors. However, existing honeynet has not evolved much since its latest architecture, Gen-III, which was proposed in 2004. Meanwhile, security threats and techniques used by adversaries have been continuously advanced. As a result, honeypot architecture is suffering from its limited...
Numerous security incidents caused by malwaresand hackers have recently utilized anti-forensic techniquesto bypass analysis and detection. It is critical to build aknowledge base that would help understand such anti-forensictechniques. In this paper, we present a forensic analysis methodto detect an anti-forensic technique which leverages timestampmanipulation in NTFS file system. Our approach analyzeshow...
A six-year analysis of 12 multilingual online marketplaces focuses on underground commerce, including stolen user data, fake identities, and attacking tools and services. Migration trends, items for sale, and seller and buyer characteristics reveal commonalities among these fraudulent markets.
Increasing situational awareness and investigating the cause of a software-induced cyber attack continues to be one of the most difficult yet important endeavors faced by network security professionals. Traditionally, these forensic pursuits are carried out by manually analyzing the malicious software agents at the heart of the incident, and then observing their interactions in a controlled environment...
Even though promising results have been obtained from existing research on bots and associated command and control channels, there is little research in exploring the ways on how bots are created and distributed by adversaries. Consequently, innovative methods that help determine the linkage between the rogue programs and adversaries are imperative for mitigating and combating botnet attacks. Recent...
As promising results have been obtained in defeating code obfuscation techniques, malware authors have adopted protection approaches to hide malware-related data from analysis. Consequently, the discovery of internal cipher text data in malware is now critical for malware forensics and cyber-crime analysis. In this paper, we present a novel approach to automatically extract secrets from malware. Our...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.