Organizations and their security operation centers often struggle to detect and respond effectively to an extensive quantity of ever-evolving cyberattacks. While collaboration, such as threat intelligence sharing between security teams, and response ...

In real life, distinct runs of the same artifact lead to the exploration of different paths, due to either system’s natural randomness or malicious constructions. These variations might completely change execution outcomes (extreme case). Thus, to analyze ...

With the significant advances in deep generative models for image and video synthesis, Deepfakes and manipulated media have raised severe societal concerns. Conventional machine learning classifiers for deepfake detection often fail to cope with evolving ...

Understanding the modus operandi of adversaries aids organizations to employ efficient defensive strategies and share intelligence in the community. This knowledge is often present in unstructured natural language text within threat analysis reports. A ...

Extended Reality (XR) platforms can expose users to novel attacks including embodied abuse and/or AI attacks-at-scale. The expanded attack surfaces of XR technologies may expose users of shared online platforms to psychological/social and physiological ...

Advanced persistent threat (APT) attacks present a significant challenge for any organization, as they are difficult to detect due to their elusive nature and characteristics. In this article, we conduct a comprehensive literature review to investigate ...

The short message service (SMS) is a service for exchanging texts via mobile networks that has been developed not only as a means of text communication between subscribers but also as a means to remotely manage Internet of Things (IoT) devices. However, ...

Condorcet voting is widely regarded as one of the most important voting systems in social choice theory. However, it has seen little adoption in practice, due to complex tallying and the need to break ties when there is a Condorcet cycle. Several online ...

Cybersecurity playbooks assume an increasingly important role as threat-specific documents for guiding operators in the context of cyber incident response. However, these playbooks are mostly unstructured or semi-structured, which significantly limits ...

This article addresses the significant threat posed by rootkits as part of the diverse malware landscape of today. Rootkits enable an attacker to regain access to an already comprised system at root-level making their prompt identification and removal ...

The National Vulnerability Database (NVD) is a major vulnerability database that is free to use for everyone. It provides information about vulnerabilities and further useful resources such as linked advisories and patches. The NVD is often considered as ...

Remote forensic investigations, i.e., the covert lawful infiltration of computing devices, are a generic method to acquire evidence in the presence of strong defensive security. A precondition for such investigations is the ability to execute software ...

The significant rise in digital threats and attacks has led to an increase in the use of cyber insurance as a cyber risk treatment method intended to support organisations in the event of a security breach. Insurance providers are set up to assume such ...

For decades, operational technology (OT) has enjoyed the luxury of being suitably inaccessible, and thus has experienced directly targeted cyber attacks from only the most advanced and well-resourced adversaries. However, security via obscurity cannot ...

Recent years have seen advancements in machine learning methods for the detection of misinformation on social media. Yet, these methods still often ignore or improperly incorporate key information on the topical-tactics used by misinformation agents. To ...

Network intrusion detection systems (NIDS) play a critical role in discerning between benign and malicious network traffic. Deep neural networks (DNNs), anchored on large and diverse datasets, exhibit promise in enhancing the detection accuracy of NIDS by ...

The interactions between software and hardware are increasingly important to computer system security. This research collected microprocessor control signal sequences to develop machine learning models that identify software tasks. In contrast with prior ...

Honeypots serve as a valuable deception technology, enabling security teams to gain insights into the behaviour patterns of attackers and investigate cyber security breaches. However, traditional honeypots prove ineffective against advanced adversaries ...

Incident response teams need to determine what happened before and after an observation of adversary behavior in order to effectively respond to incidents. The MITRE ATT&CK knowledge base provides useful information about adversary behaviors, but provides ...

In this paper, we leverage natural language processing and machine learning algorithms to profile threat actors based on their behavioral signatures to establish identification for soft attribution. Our unique dataset comprises various actors and the ...