Discover the world's scientific knowledge

Good time of day.

Sorry for disturbance. I cannot prove my Kurchatov institute as a place of work. Corporate email security do not allow validate email link. It is written: access denied to this resource.

What can I do then?

Thank you for your attention.

Sincerely, Taras.

hello dear researchers

anybody interested in information Security field to Collaborate on writing an article please send me an email

my email is: rebwar.karimi.ui@gmail.com

best wishes

In a situation where companies, enterprises, financial and public institutions have a built in cybercrime risk management system, including email anti-spam applications, anti-virus systems, complex login tools, backap systems for data contained on hard drives, firewalls, cyber threat early warning systems, etc., then most cybercrime attacks targeting these business entities prove to be ineffective, and those that are effective cause very limited problems, financial losses, etc. However, there are still many business entities, especially companies and SMEs, that do not have complex, high-tech, integrated systems built to manage the risk of cybercrime and/or loss of sensitive data stored in databases. In recent years, one of the most serious cybercrime problems causing serious financial losses in some companies, enterprises, public institutions include cyberattacks used by cybercriminals with ransomware-type viruses. A successful attack carried out using ransomware viruses results in infecting a computer, blocking users, company employees from accessing the company's internal systems, stealing or blocking access to data collected in the company's databases, information stored on hard drives, etc., with a simultaneous demand to pay a ransom to remove the imposed blockades. In Poland, of the companies attacked with ransomware viruses, as many as 77 percent agree to pay the ransom. So security systems are still too poorly organized in many companies and institutions. In many business entities, systems for managing the risk of cybercrime and/or loss of sensitive data archived in internal databases are still not professionally built. Cybercrime risk management in many companies and enterprises apparently works poorly or not at all. Since generative artificial intelligence technology is being applied in many areas of cyber-security, so the question arises, could the application of this technology to detect cyber-crime attacks carried out with ransomware-type viruses significantly increase the level of cyber-security in many companies, enterprises, financial and public institutions?

I am conducting research in the problems of analyzing cybercriminal attacks conducted using ransomware viruses and in improving cyber security systems. I have included the conclusions of my research in the following articles:

Analysis of the security of information systems protection in the con-text of the global cyberatomy ransomware conducted on June 2, 2017

Development of malware ransomware as a new dimension of cybercrime taking control of IT enterprise and banking systems

Determinants of the development of cyber-attacks on IT systems of companies and individual clients in financial institutions

The Impact of the COVID-19 Pandemic on the Growing Importance of Cybersecurity of Data Transfer on the Internet

Cybersecurity of Business Intelligence Analytics Based on the Processing of Large Sets of Information with the Use of Sentiment Analysis and Big Data

THE QUESTION OF THE SECURITY OF FACILITATING, COLLECTING AND PROCESSING INFORMATION IN DATA BASES OF SOCIAL NETWORKING

I invite you to get acquainted with the issues described in the above-mentioned publications and to scientific cooperation in these issues.

In view of the above, I address the following question to the esteemed community of scientists and researchers:

What do you think about this topic?

What is your opinion on this issue?

Please answer,

I invite everyone to join the discussion,

Thank you very much,

Best regards,

Dariusz Prokopowicz

This question sounds straightforward, but it is not as clear-cut as most people want it to be.

Security Operation Centers work on a platitude of data, data that is pertinent to other towers such as threat intelligence, content creation, and overall security "metrix".

My question is, should full-scope (imagine verbose logging except for Event Logs) EDR, supercede Windows Event Logs, due to volume and EPS.

Something to Ponder:

Proxy logs are critical for IR, but less critical for detection, especially with Proxy working as SaaS. EDR logs typically keep network connections, DNS and some other incredibly important endpoint data. I firmly believe that the logs should always be ingested in this order, if available:

1) EDR pre-enriched with vetted Intelligence (whether it's Sysmon globally configured, etc. - Deployed appropriately to servers)

2) Email Logs/Message Tracking (I believe that Email is still the largest attack vector. Malware or suspicious links are typically configured faster than intel can block them, meaning that most threats still come via email)

3) Proxy (to cover egress of malware)

4) Layer 7 Firewalls/Perimeter (Required for true correlation between systems)

5) Critical Windows Event Security Logs (Typical detections by EventCode, Auth Token types, detection of brute forcing, if not caught by another tool/correlation if it has been)

Am I missing something or does this appear to be a good model? I've had the realization that all teams that deal with "cyber security" are truly using the same data, just with different views;

This tells me that something like SIEM +SOAR + proper data logging + data visualization tools that caters to Threat Intelligence, Security Analysts, and the engineers supporting the automation and workflows are the "best" way to go.

Obviously, some of this sounds generic, but the main focus are the top sources that would be required by a SIEM to properly cover the basics.

Given a set of twenty-three (23) attributes:

userID, email, common name, surname, givenName, Global username, displayName, Organization Name, Organizational Unit, home organization, institution type, affiliation type, affliationTypeScope, PrimaryAffiliation, Entitlement, PersonAssurance, TargetId, Legalname, sharedToken, AffiliationType, Postal Address, TelephoneNumber, MobileNumber.

How many of these attributes are sufficient enough to identify an individual in cloud environment?

ACeS 2019 is the first edition of cyber security conference to be organized by National Advanced IPv6 Centre (NAV6), Universiti Sains Malaysia, in which advances on cyber security including security and safety trends, solutions and issues can be examined, shared and learned from several perspectives of the academic, professionals and researchers around the globe.

Papers accepted for presentation and presented at the conference will be submitted for inclusion in the conference proceeding that will be published in Springer’s Communications in Computer and Information Science (CCIS) Series for inclusion. ACeS 2019 is organized as conferences, hands-on workshops and other co-located events.

Call for Paper at https://aces.usm.my/cfp

Call for Technical Program Committee Member - if you are interested to be a TPC member for this conference, please drop us an email at aces@usm.my with Subject "TPC Member". Thank you.

More info at https://aces.usm.my

I am writing a paper that focuses on the importance of centralizing file-based spatial that exist in data silos currently fragmented in file servers, email servers, web servers, document management systems, etc. Most of the solutions that consolidate spatial data are for database-based spatial data. However, much spatial data still exists in files and are unconsolidated.

One description missing from the paper is how enterprise spatial organisations are currently handling security of these spatial files, especially those that exist in data silos (fragmented in file servers, email servers, web servers, document management systems, etc).

Unfortunately, I do not know anyone in the enterprise GIS organisations and therefore its hard to know how these organisations store and handle the security of these data. Could anyone with an industry background please guide me.

Any online document/paper that describes this issue which I can cite would be well appreciated.

Dr. Lan Zhang Northern Arizona University (NAU) https://sites.google.com/view/lanzhang

Position: Ph.D. Students Contact: Dr. Lan Zhang (lan.zhang@nau.edu)

Research Areas: We are hiring Ph.D. students to work on cutting-edge research in cybersecurity, including but not limited to:

Application Process: Interested candidates should send an email to Dr. Lan Zhang (lan.zhang@nau.edu) with the following:

Start Date: Fall 2025

Join us to advance the frontier of cybersecurity research!

I have a project concerning security and privacy in cloud. i found link http://www.unb.ca/cic/datasets/ids-2017.html that contains set of datasets, but the link contains the description of the dataset only. any suggestions on how to download these dataset (especially the ids-2017). My email dr_venus2004@yahoo.com or venus.samawi@iu.edu.jo

Also I am looking for a dataset suitable for generating rules for privacy in cloud ,

any suggestion??

thank you

In recent years, technologies that play an important role in the field of Industry 4.0, technologies that determine the current fourth technological revolution, including machine learning technologies, deep learning and artificial intelligence are finding their way into improving cyber security systems. Financial institutions, including commercial banks, are implementing a certain generation of artificial intelligence technologies into specific areas of banking in order to increase process efficiency, economic efficiency, etc. Artificial intelligence is already being used by banks to improve remote communication processes with customers, in call centre departments as part of the creation of automated remote communication systems and digitised adviser avatars, in the process of managing credit risk and other risk categories, and also in the area of cyber-security.Therefore, opportunities are emerging for the application of artificial intelligence technologies in improving cyber-security techniques and systems in various areas of cyber-security in online and mobile banking, including issues such as:

1. improving cyber-security techniques to protect the information systems of financial institutions, including banks, from external cyber-attacks via email and ransomware viruses.

2. improving cybercrime risk management systems for integrated internal information systems connected to the Internet.

3. Improving cyber security techniques implemented through the implementation of new Industry 4.0 technologies, including artificial intelligence, machine learning, Blockchain, multi-criteria simulation models, etc., and advanced analytical techniques such as Big Data Analytics, Business Intelligence.

4. improving the anti-spam systems used to protect email inboxes in order to increase the filtering out of emails where cybercriminals use phishing techniques and/or send malware and ransomware viruses in the background of the email.

5. Improving cyber-security techniques for online and mobile banking systems with a particular focus on mobile banking implemented on the bank's customer side using smartphones equipped with specific operating systems and web applications.

6. Analysis of the level of effectiveness and cyber security for biometric techniques for encoding access to information systems as an important factor in cyber security.

7. perfecting cyber-security techniques in integrated, internal, intranet information systems operating in financial institutions, including commercial banks characterised by a complex organisational structure and companies forming interconnected business entities.

In view of the above, financial institutions, including commercial banks, are implementing a certain generation of artificial intelligence technologies in various areas of banking, including in the improvement of cyber-security techniques and systems.

In view of the above, I address the following question to the esteemed community of scientists and researchers:

What do you think about this topic?

What is your opinion on this subject?

Please respond,

I invite you all to discuss,

Thank you very much,

Best regards,

Dariusz Prokopowicz