Cyber Threat Intelligence

1. Front Matter

   Pages i-vi

   PDF

2. Cyber Threat Intelligence: Challenges and Opportunities

   • Mauro Conti, Tooska Dargahi, Ali Dehghantanha

   Pages 1-6

3. Machine Learning Aided Static Malware Analysis: A Survey and Tutorial

   • Andrii Shalaginov, Sergii Banin, Ali Dehghantanha, Katrin Franke

   Pages 7-45

4. Application of Machine Learning Techniques to Detecting Anomalies in Communication Networks: Datasets and Feature Selection Algorithms

   • Qingye Ding, Zhida Li, Soroush Haeri, Ljiljana Trajković

   Pages 47-70

5. Application of Machine Learning Techniques to Detecting Anomalies in Communication Networks: Classification Algorithms

   • Zhida Li, Qingye Ding, Soroush Haeri, Ljiljana Trajković

   Pages 71-92

6. Leveraging Machine Learning Techniques for Windows Ransomware Network Traffic Detection

   • Omar M. K. Alhawi, James Baldwin, Ali Dehghantanha

   Pages 93-106

7. Leveraging Support Vector Machine for Opcode Density Based Detection of Crypto-Ransomware

   • James Baldwin, Ali Dehghantanha

   Pages 107-136

8. BoTShark: A Deep Learning Approach for Botnet Traffic Detection

   • Sajad Homayoun, Marzieh Ahmadzadeh, Sattar Hashemi, Ali Dehghantanha, Raouf Khayami

   Pages 137-153

9. A Practical Analysis of the Rise in Mobile Phishing

   • Brad Wardman, Michael Weideman, Jakub Burgis, Nicole Harris, Blake Butler, Nate Pratt

   Pages 155-168

10. PDF-Malware Detection: A Survey and Taxonomy of Current Techniques

    • Michele Elingiusti, Leonardo Aniello, Leonardo Querzoni, Roberto Baldoni

    Pages 169-191

11. Adaptive Traffic Fingerprinting for Darknet Threat Intelligence

    • Hamish Haughey, Gregory Epiphaniou, Haider Al-Khateeb, Ali Dehghantanha

    Pages 193-217

12. A Model for Android and iOS Applications Risk Calculation: CVSS Analysis and Enhancement Using Case-Control Studies

    • Milda Petraityte, Ali Dehghantanha, Gregory Epiphaniou

    Pages 219-237

13. A Honeypot Proxy Framework for Deceiving Attackers with Fabricated Content

    • Jarko Papalitsas, Sampsa Rauti, Jani Tammi, Ville Leppänen

    Pages 239-258

14. Investigating the Possibility of Data Leakage in Time of Live VM Migration

    • Rehana Yasmin, Mohammad Reza Memarian, Shohreh Hosseinzadeh, Mauro Conti, Ville Leppänen

    Pages 259-279

15. Forensics Investigation of OpenFlow-Based SDN Platforms

    • Mudit Kalpesh Pandya, Sajad Homayoun, Ali Dehghantanha

    Pages 281-296

16. Mobile Forensics: A Bibliometric Analysis

    • James Gill, Ihechi Okere, Hamed HaddadPajouh, Ali Dehghantanha

    Pages 297-310

17. Emerging from the Cloud: A Bibliometric Analysis of Cloud Forensics Studies

    • James Baldwin, Omar M. K. Alhawi, Simone Shaughnessy, Alex Akinbi, Ali Dehghantanha

    Pages 311-331

18. Back Matter

    Pages 333-334

    PDF

This book provides readers with up-to-date research of emerging cyber threats and defensive mechanisms, which are timely and essential. It covers cyber threat intelligence concepts against a range of threat actors and threat tools (i.e. ransomware) in cutting-edge technologies, i.e., Internet of Things (IoT), Cloud computing and mobile devices. This book also provides the technical information on cyber-threat detection methods required for the researcher and digital forensics experts, in order to build intelligent automated systems to fight against advanced cybercrimes.

The ever increasing number of cyber-attacks requires the cyber security and forensic specialists to detect, analyze and defend against the cyber threats in almost real-time, and with such a large number of attacks is not possible without deeply perusing the attack features and taking corresponding intelligent defensive actions – this in essence defines cyber threat intelligence notion. However, such intelligence would not be possible without the aid of artificial intelligence, machine learning and advanced data mining techniques to collect, analyze, and interpret cyber-attack campaigns which is covered in this book. This book will focus on cutting-edge research from both academia and industry, with a particular emphasis on providing wider knowledge of the field, novelty of approaches, combination of tools and so forth to perceive reason, learn and act on a wide range of data collected from different cyber security and forensics solutions. This book introduces the notion of cyber threat intelligence and analytics and presents different attempts in utilizing machine learning and data mining techniques to create threat feeds for a range of consumers. Moreover, this book sheds light on existing and emerging trends in the field which could pave the way for future works.

The inter-disciplinary nature of this book, makes it suitable for a wide range of audiences with  backgroundsin artificial intelligence, cyber security, forensics, big data and data mining, distributed systems and computer networks. This would include industry professionals, advanced-level students and researchers that work within these related fields.

• Cyber threat
• Cyber security
• Hacking
• Threat intelligence
• Machine learning
• cyber forensics
• threat analysis
• intrusion detection
• incident response
• cyber defense
• malware analysis
• malware campaign detection
• cyber kill chain
• indicators of compromise
• evidence correlation

“Cyber Threat Intelligence offers responsible security professionals a chance to come face to face with the cyberthreat detectors of the modern era. Many may be intimidated by the ‘computerese,’ equations, and algorithms … but they have the educational advantage of engaging with the genuine article, not a sugar-coated primer.” (James T. Dunne, Security Management, June 01, 2019)

• Department of Computer Science, University of Sheffield, Sheffield, United Kingdom

  Ali Dehghantanha

• Department of Mathematics, University of Padua, Padua, Italy

  Mauro Conti

• Department of Computer Science, University of Salford, Manchester, United Kingdom

  Tooska Dargahi

Policies and ethics