{"title":"CNN-based DGA Detection with High Coverage","authors":"Shaofang Zhou, Lanfen Lin, Junkun Yuan, Feng Wang, Zhaoting Ling, Jia Cui","doi":"10.1109/ISI.2019.8823200","DOIUrl":"https://doi.org/10.1109/ISI.2019.8823200","url":null,"abstract":"Attackers often use domain generation algorithms (DGAs) to create various kinds of pseudorandom domains dynamically and select a part of them to connect with command and control servers, therefore it is important to automatically detect the algorithmically generated domains (AGDs). AGDs can be broken down into two categories: character-based domains and wordlist-based domains. Recently, methods based on machine learning and deep learning have been widely explored. However, much of the previous work perform well in detecting one kind of DGA families but poorly in classifying another kind. A general detection system which is applicable to both kinds of domains still remains a challenge. To address this problem, we propose a novel real-time detection method with high accuracy as well as high coverage. We first convey a domain name into a sequence of word-level or character-level components, then design a deep neural network based on temporal convolutional network to extract the implicit pattern and classify the domain into two or more categories. Our experimental results demonstrate that our model outperforms state-of-the-art approaches in both binary classification and multi-class classification, and shows a good performance in detecting different kinds of DGAs. 
Besides, the high training efficiency of our model makes it adjust to new malicious domains quickly.","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116089116","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ISI 2019 Welcome Message from Conference Co-Chairs","authors":"","doi":"10.1109/isi.2019.8823297","DOIUrl":"https://doi.org/10.1109/isi.2019.8823297","url":null,"abstract":"","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"297 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124244978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Risk Assessment Method based on Software Behavior","authors":"G. Chen, Kun Wang, Jian Tan, Xiaoyong Li","doi":"10.1109/ISI.2019.8823394","DOIUrl":"https://doi.org/10.1109/ISI.2019.8823394","url":null,"abstract":"Traditional risk assessment methods have problems with the subjectivity of assessors and inaccuracy of vulnerability detection, which leads to unreliable and non-quantitative assessment results. To address these problems, this paper proposed a method to assess system risk based on software behavior. The behavior of untrusted software calling is necessarily associated with system risk, specifically, the larger the number and scope of untrusted software called, the higher risk the system faces, and vice versa. In other words, illegal operation of computers is the specific form of system risk and there is a probabilistic correlation between them. Because the number and scope of untrusted software calling can be accurately measured while risk level cannot be observed directly, this paper used a quantitative analysis method (HMM) to assess the system risk level, which ensures objectivity and accuracy of results. Furthermore, this paper analyzed and explained the risk assessment method based on software behavior through experiments.","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121962575","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cybersecurity Education: From Beginners to Advanced Players in Cybersecurity Competitions","authors":"Lindsey J. Thomas, Moises Balders, Zach Countney, Chen Zhong, Jun Yao, Chunxia Xu","doi":"10.1109/ISI.2019.8823310","DOIUrl":"https://doi.org/10.1109/ISI.2019.8823310","url":null,"abstract":"Cybersecurity competitions have been shown to be an effective approach for promoting student engagement through active learning in cybersecurity. Players can gain hands-on experience in puzzle-based or capture-the-flag type tasks that promote learning. However, novice players with limited prior knowledge in cybersecurity usually find it difficult to have a clue to solve a problem and get frustrated at the early stage. To enhance student engagement, it is important to study the experiences of novices to better understand their learning needs. To achieve this goal, we conducted a 4-month longitudinal case study which involves 11 undergraduate students participating in a college-level cybersecurity competition, National Cyber League (NCL) competition. The competition includes two individual games and one team game. Questionnaires and in-person interviews were conducted before and after each game to collect the players’ feedback on their experience, learning challenges and needs, and information about their motivation, interests and confidence level. The collected data demonstrate that the primary concern going into these competitions stemmed from a lack of knowledge regarding cybersecurity concepts and tools. 
Players' interests and confidence can be increased by going through systematic training.","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"119 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127598542","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"CrossSimON: A Novel Probabilistic Approach to Cross-Platform Online Social Network Simulation","authors":"Jinwei Liu, Wingyan Chung, Yifan Huang, Cagri Toraman","doi":"10.1109/ISI.2019.8823276","DOIUrl":"https://doi.org/10.1109/ISI.2019.8823276","url":null,"abstract":"The increasing popularity and diversity of online social networks (OSNs) have attracted more and more people to participate in multiple OSNs. Learning users' behavior and information diffusion across platforms is critical for cyber threat detection, but it is still a challenge due to the surge of users participating in multiple social platforms. Existing research on profile matching requires user identity information to be available, which may not be realistic. Little prior research paid attention to mapping behavioral patterns across platforms. We designed and implemented an efficient two-level probabilistic approach called CrossSimON to mapping user-group behavior across platforms. CrossSimON considers the activity level and network position at both individual user level and group level to correlate activities across social platforms. To evaluate the effectiveness of CrossSimON in modeling social activity across platforms, we conducted experiments on three online social platforms: GitHub, Reddit and Twitter. Our experimental results show that CrossSimON outperformed the Benchmark in 3 out of 5 simulation metrics. CrossSimON achieved better performance in user activity prediction. 
The research provides new strategy for cross-platform online social network simulation, and new findings on simulating OSNs and predictive analytics for understanding online social network behavior.","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"109 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124692345","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A BP Neural Network for Identifying Corporate Financial Fraud","authors":"Xin Ma, Xunjia Li, Yanjie Song, Xiaolong Zheng, Zhongshan Zhang, Renjie He","doi":"10.1109/ISI.2019.8823408","DOIUrl":"https://doi.org/10.1109/ISI.2019.8823408","url":null,"abstract":"The financial security is the lifeblood of a company. Effective identification of corporate financial fraud can protect the safety of funds for investors in some sense. This paper proposed a fraud identification model about corporate financial fraud problem based on principal component analysis (PCA) and BP neural network (BP NN). Compared with other methods, there was a significant improvement in the recognition rate of fraud on financial statements. The experimental results show that our model is effective, which can accurately identify financial fraud and guarantee the ’s financial security.","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129270493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Community Partition immunization strategy based on Search Engine","authors":"Zhaokang Ke, Cai Fu, Liqing Cao, Mingjun Yin, Xiwu Chen, Yang Li","doi":"10.1109/ISI.2019.8823495","DOIUrl":"https://doi.org/10.1109/ISI.2019.8823495","url":null,"abstract":"People's dependence on search engines allows various computer viruses to spread faster and stronger. Most scholars have neglected the influence of search engines on virus propagation and immunity. It is impossible to immunize all users at the same time with a huge system like social networks. So the main problem is how to pick a fixed-scale node cluster as the source of immunity in the network, which can make other individuals immune and continue to spread (called immune seeds). The immune seeds are scattered on some web pages of search engines to reduce the network virus infection rate. We establish two models, one is the model of computer virus early propagation based on the search engine, and the other is the model of the virus propagation and immunization model. Then we propose an improved immunization strategy: Community Partition immunization strategy based on the target immunization strategy. 
And we use four real datasets and two simulated datasets to do the simulation experiments, which shows that search engine can promote the propagation of the virus and the immune seeds, and the efficiency of the Community Partition immunization strategy is slightly higher than the target immunization strategy based on degree under the same conditions.","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116995600","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Understanding the Radical Mind: Identifying Signals to Detect Extremist Content on Twitter","authors":"Mariam Nouh, Jason R. C. Nurse, M. Goldsmith","doi":"10.1109/ISI.2019.8823548","DOIUrl":"https://doi.org/10.1109/ISI.2019.8823548","url":null,"abstract":"The Internet and, in particular, Online Social Networks have changed the way that terrorist and extremist groups can influence and radicalise individuals. Recent reports show that the mode of operation of these groups starts by exposing a wide audience to extremist material online, before migrating them to less open online platforms for further radicalization. Thus, identifying radical content online is crucial to limit the reach and spread of the extremist narrative. In this paper, our aim is to identify measures to automatically detect radical content in social media. We identify several signals, including textual, psychological and behavioural, that together allow for the classification of radical messages. Our contribution is threefold: (1) we analyze propaganda material published by extremist groups and create a contextual text-based model of radical content, (2) we build a model of psychological properties inferred from these material, and (3) we evaluate these models on Twitter to determine the extent to which it is possible to automatically identify online radical tweets. Our results show that radical users do exhibit distinguishable textual, psychological, and behavioural properties. We find that the psychological properties are among the most distinguishing features. Additionally, our results show that textual models using vector embedding features significantly improves the detection over TF-IDF features. We validate our approach on two experiments achieving high accuracy. 
Our findings can be utilized as signals for detecting online radicalization activities.","PeriodicalId":156130,"journal":{"name":"2019 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-05-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127890873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}