9 matches found
BLADE: Behavior-Level Anomaly Detection Using Network Traffic in Web Services
With their widespread popularity, web services have become the main targets of various cyberattacks. Existing traffic anomaly detection approaches focus on flow-level attacks, yet fail to recognize behavior-level attacks, which appear benign in individual flows but reveal malicious purpose using...
Flow-Based Detection and Identification of Zero-Day IoT Cameras
The majority of consumer IoT devices lack mechanisms for administrators to monitor and control them, hindering tailored security policies. A key challenge is identifying whether a new device, especially a streaming IoT camera, has joined the network. We present zCamInspector, a system for...
Anomaly Detection in Network Flows Using Unsupervised Online Machine Learning
Nowadays, the volume of network traffic continues to grow, along with the frequency and sophistication of attacks. This scenario highlights the need for solutions capable of continuously adapting, since network behavior is dynamic and changes over time. This work presents an anomaly detection mod...
Addressing Side-Channel Threats in Quantum Key Distribution Via Deep Anomaly Detection
Traditional countermeasures against security side channels in quantum key distribution QKD systems often suffer from poor compatibility with deployed infrastructure, the risk of introducing new vulnerabilities, and limited applicability to specific types of attacks. In this work, we propose an...
RMSL: Weakly-Supervised Insider Threat Detection with Robust Multi-Sphere Learning
Insider threat detection aims to identify malicious user behavior by analyzing logs that record user interactions. Due to the lack of fine-grained behavior-level annotations, detecting specific behavior-level anomalies within user behavior sequences is challenging. Unsupervised methods face high...
A Hierarchical IDS for Zero-Day Attack Detection in Internet of Medical Things Networks
The Internet of Medical Things IoMT is driving a healthcare revolution but remains vulnerable to cyberattacks such as denial of service, ransomware, data hijacking, and spoofing. These networks comprise resource constrained, heterogeneous devices e.g., wearable sensors, smart pills, implantables,...
Weak-Jamming Detection in IEEE 802.11 Networks: Techniques, Scenarios and Mobility
State-of-the-art solutions detect jamming attacks ex-post, i.e., only when jamming has already disrupted the wireless communication link. In many scenarios, e.g., mobile networks or static deployments distributed over a large geographical area, it is often desired to detect jamming at the early...
Detecting Zero-Day Web Attacks with an Ensemble of LSTM, GRU, and Stacked Autoencoders
The rapid growth in web-based services has significantly increased security risks related to user information, as web-based attacks become increasingly sophisticated and prevalent. Traditional security methods frequently struggle to detect previously unknown zero-day web attacks, putting sensitiv...
OpenSSLX509Certificate deserialization Vulnerability, CVE-2 0 1 5-3 8 2 5)cause analysis-vulnerability warning-the black bar safety net
Serialization Serialization, is the state of the object information can be converted to storage or transmission in the form of the process. During serialization, the object will be in its current state is written to a temporary or persistent storage area. The user can pass from the storage area t...