HUSÁK, Martin. Towards a Data-Driven Recommender System for Handling Ransomware and Similar Incidents. Online. In 2021 IEEE International Conference on Intelligence and Security Informatics (ISI). San Antonio: IEEE, 2021, p. 1-6. ISBN 978-1-6654-3838-4. Available from: https://dx.doi.org/10.1109/ISI53945.2021.9624774.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Towards a Data-Driven Recommender System for Handling Ransomware and Similar Incidents
Authors HUSÁK, Martin (203 Czech Republic, guarantor, belonging to the institution).
Edition San Antonio, 2021 IEEE International Conference on Intelligence and Security Informatics (ISI), p. 1-6, 6 pp. 2021.
Publisher IEEE
Other information
Original language English
Type of outcome Proceedings paper
Country of publisher United States of America
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
WWW URL
RIV identification code RIV/00216224:14610/21:00122713
Organization Ústav výpočetní techniky – Repository – Repository
ISBN 978-1-6654-3838-4
Doi http://dx.doi.org/10.1109/ISI53945.2021.9624774
UT WoS 000848301800018
Keywords in English ransomware;incident handling;lateral movement;recommender system
Links EF16_019/0000822, research and development project.
Changed by Changed by: RNDr. Daniel Jakubík, učo 139797. Changed: 31/3/2023 04:07.
Abstract
Effective triage is of utmost importance for cybersecurity incident response, namely in handling ransomware or similar incidents in which the attacker may use self-propagating worms, infected files, or email attachments to spread malware. If a device is infected, it is vital to know which other devices can be infected too or are immediately threatened. The number and heterogeneity of devices in today's network complicate situational awareness of incident handlers, and, thus, we propose a recommender system that uses network monitoring data to prioritize devices in the network based on their similarity and proximity to an already infected device. The system enumerates devices in close proximity in terms of physical and logical network topology and sorts them by their similarity given by the similarity of their behavioral profile, fingerprint, or common history. The incident handlers can use the recommendation to promptly prevent malware from spreading or trace the attacker's lateral movement.
Type Name Uploaded/Created by Uploaded/Created Rights
2021-ISI-Towards_a_recommender_system_for_handling_ransomware-paper.pdf   File version 3/11/2021

Properties

Name
2021-ISI-Towards_a_recommender_system_for_handling_ransomware-paper.pdf
Address within IS
https://repozitar.cz/auth/repo/46288/1175013/
Address for the users outside IS
https://repozitar.cz/repo/46288/1175013/
Address within Manager
https://repozitar.cz/auth/repo/46288/1175013/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/46288/1175013/?info
Uploaded/Created
Wed 3/11/2021 02:22

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973
Attributes
 
2021-ISI-Towards_a_recommender_system_for_handling_ransomware-slides.pdf  3/11/2021

Properties

Name
2021-ISI-Towards_a_recommender_system_for_handling_ransomware-slides.pdf
Address within IS
https://repozitar.cz/auth/repo/46288/1175014/
Address for the users outside IS
https://repozitar.cz/repo/46288/1175014/
Address within Manager
https://repozitar.cz/auth/repo/46288/1175014/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/46288/1175014/?info
Uploaded/Created
Wed 3/11/2021 02:22

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973
Attributes
 
Print
Add to clipboard Displayed: 12/7/2024 11:27