https://scholars.lib.ntu.edu.tw/handle/123456789/424335
Title: | Uncovering Internal Threats Based on Open-Source Intelligence |
Authors: | CHIN-LAUNG LEI; Yang, Wei Chieh; MENG-HAN TSAI; Wang, Ming Hung |
Keywords: | Advanced persistent threat | Malicious domain names | Open source intelligence | Sinkhole server |
Publication date: | 1-Jan-2019 |
Volume: | 1013 |
Source publication: | Communications in Computer and Information Science |
Abstract: | © Springer Nature Singapore Pte Ltd. 2019. As the emerging threats of cybercriminals in recent years, how to efficiently and economically identify stealthy activities and attacks to avoid sensitive information leakage has been an important issue. However, due to business confidentiality and a lack of trust among information sharing, such valuable information is not exchanged transparently and not well utilized so far. In this study, we propose a hybrid method for internal threat identification. Our method leverages external open-source intelligence and applies it to internal network activities to uncover potential hacking campaigns among the network. We present the method consisting of collecting external intelligence, detecting internal infections, and identifying threats. We conduct our experiment under a tier-1 network in Taiwan. From the results, our method successfully identifies a number of famous hacking groups which are underneath threats in the large-scale network. |
URI: | https://scholars.lib.ntu.edu.tw/handle/123456789/424335 |
ISBN: | 9789811391897 |
ISSN: | 18650929 |
DOI: | 10.1007/978-981-13-9190-3_68 |
Appears in collections: | Department of Electrical Engineering |