NGEN Firewall Security Augmentation using Brooks-Iyengar and Random Forest Classfier method: by Predicting Cyber Threats from: Darkweb/Deepweb Data
##plugins.themes.academic_pro.article.main##
Abstract
There are many caveats persist in current Unified Threat Management Firewalls (UTM) device for assessing vulnerabilities in software and hardware. The techniques used to exploit threats in UTM appliances are less dynamic non-predictive and hence cybersecurity is still fickle. In this paper we propose a technique to integrate BrooksIyengar Fault algorithm and Random Forest Classifier model to analyze the dark web and deep web network analysis using machine learning methods with UTM devices to envision the exploitability of vulnerabilities. Our technique achieves this aim by analyzing vulnerability data from UTM logs, Microsoft and Redhat attack signatures, National Vulnerability Database and features established by users association with deepweb and darkweb (d2web) sites. We carry out a real-time experiment on a honey trap case study by involving real-time cyber criminals activity and vulnerability data to mitigate cyber risks. The results published are evaluated using F1 score and IPS and IDS improved by 16% while maintaining the performance and precision. We consider this result because many exploit cases recorded and documented of various vulnerabilities with their score are indicative of their ability in exposing the threat and impact, the prediction score by 94.3% shows the actual and subsequent threat analysis results with private cloud and elite firewall policy service.
##plugins.themes.academic_pro.article.details##
How to Cite
Latesh Kumar K.J, & Leena H U. (2020). NGEN Firewall Security Augmentation using Brooks-Iyengar and Random Forest Classfier method: by Predicting Cyber Threats from: Darkweb/Deepweb Data. International Journal of Next-Generation Computing, 11(1), 01–19. https://doi.org/10.47164/ijngc.v11i1.169
References
- First. Last Accessed: (2019). A Complete Guide to the Common Vulnerabil-ity Scoring System. https://www.cvedetails.com/cve-details.php?t=1&cve_id=CVE-2019-0708
- Carol Sabottke, Octavian Suciu and Hsinchnu Chen (2015). Vulnerability disclosure in the age of social media: Exploring twitter for Predicting Real-World Exploits. In USENIX Security, Vol.15.
- Luca Allodi and Fabio Massacci. 2014. Comparing vulnerability severity and exploits using case-control studies. ACM Transactions on Information and System Security (TISSEC) 17, 1 (2014), 1.
- Benjamin Bullough, Anna Yanchenko, Christopher Smith, Joseph Zipkin (2017). Predicting exploitation of disclosed software vulnerabilities using open-source data. In Proceedings of the 2017 ACM International Workshop on Security and Privacy Analytics. ACM
- Mohammed Ali Al-Garadi, Kasturi Dewi Varathan, Sri Devi Ravana, Ejaz Ahmed (2018). Analysis of Online Social Network Connections for Identifi-cation of Influential Users: Survey and Open Research Issues, Journal ACM Computing Surveys (CSUR) Surveys Homepage archive, Volume 51 Issue 1, Article No. 16, doi 10.1145/3155897.
- Michel Edkrantz, Alan (2015). Predicting Cyber Vulnerability Exploits with Machine Learning. In SCAI 48-57.
- Zakir Durumeric, James Kasten, David Adrian, Alex Halderman, Michael Bailey, Frank Li, Nicolas Weaver, Johanna Amann, Jethro Beekman, Mathi-as Payer (2014). The matter of heartbleed. In Proceedings of the 2014 Con-ference on Internet Measurement Conference. ACM, 475–488.
- Karthik Nayak, Daniel Marino, Petros Efstathopoulos (2014). Some vulner-abilities are different than others. In International Workshop on Recent Ad-vances in Intrusion Detection. Springer 426-446.
- Carl Sabottke, Octavian Suciu, Tudor Dumitras (2015). Vulnerability Dis-closure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits. In USENIX Security, Vol. 15
- Moore, D., & Rid, T. (2016). Cryptopolitik and the Darknet. Survival, 58(1), 7-38.
- Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120-126.
- Cimpanu C. (2017). Retrieved from https://www.bleepingcomputer.com/news/technology/internets-largest-bitcoinmixer- shuts-down-realizing-bitcoin-is-not-anonymous/
- Fachkha, C. (2015). Darknet as a Source of Cyber Threat Intelligence: Inves-tigating Distributed and Reflection Denial of Service Attacksr
- Ciancaglini, V., Balduzzi, M., McArdle, R., & Rösler, M. (2015). The Deep Web. Trend Micro.
- Reelson, A. (2016). OpenNLP Ingest Processor plugin based on Apache OpenNLP. Retrieved from https://github.com/spinscale/elasticsearch-ingest-opennlp.
- Ahmia. (2014). Ahmia search engine crawler. Retrieved from https://github.com/ahmia/ahmia-crawler
- Richard Brooks, S. Sithrama Iyengar (1996). "Robust Distributed Compu-ting and Sensing Algorithm". Computer. 29 (6): 53–60. doi:10.1109/2.507632. ISSN 0018-9162. Archived from the original on 2010-04-08. Retrieved 2010-03-22.
- Eric Nunes, Ahmad Diab, Andrew Gunn, Ericsson Marin, Vineet Mishra, Vivin Paliath, John Robertson, Jana Shakarian, Amanda Thart, and Paulo Shakarian. 2016. Darknet and deepnet mining for proactive cybersecurity threat intelligence. In Intelligence and Security Informatics (ISI), 2016 IEEE Conference on. IEEE, 7–12.
- First Last Accessed: (2019). Understand top trends in the threat landscape Get our perspective on 2018 cybersecurity trends such as cryptocurrency mining, supply chain attacks, and phishing in the Security Intelligence Re-port, Volume 24. https://www.microsoft.com/en-us/security/operations/security-intelligence-report
- M Almukaynizi, A Grimm, E Nunes, J Shakarian, P Shakarian (2017), Predicting cyber threats through the dynamics of user connectivity in dark-web and deepweb forums, ACM Computational Social Science.
- E Nunes, a Diab, a Gunn, E Marin, V Mishra, V Paliath, J Robertson (2016). Darknet and deepnet mining for proactive cybersecurity threat intelligence, Intelligence and Security Informatics (ISI), 2016 IEEE Conference
- M Almukaynizi, E Nunes, K Dharaiya, M Senguttuvan, J Shakarian, (2017). Proactive identification of exploits in the wild through vulnerability mentions online, International Conference on Cyber Conflict (CyCon US), 82-88
- First. Last Accessed: (2019). A Complete Guide to the Network Security Scan. https://nmap.org/
- Yakkala V. Naga Manikanta, Anjali Sardana (2012). Protecting web appli-cations from SQL injection attacks by using framework and database fire-wall, Proceeding ICACCI '12 Proceedings of the International Conference on Advances in Computing, Communications and Informatics, Pages 609-613, ISBN: 978-1-4503-1196-0 doi>10.1145/2345396.2345495
- First. Last Accessed: (2018). https://towardsdatascience.com/model-evaluation-techniques-for-classification-models-eac30092c38b
- [13] M. Motoyama, D. McCoy, K. Levchenko, S. Savage, and G. M. Voelker, “An analysis of underground forums,” in Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference. ACM, 2011, pp. 71–80.
- [14] L. Allodi, “Economic factors of vulnerability trade and exploitation,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2017, pp. 1483–1499
- M. Almukaynizi, E. Nunes, K. Dharaiya, M. Senguttuvan, J. Shakarian, and P. Shakarian, “Proactive identification of exploits in the wild through vulner-ability mentions online,” in 2017 International Conference on Cyber Conflict (CyCon U.S.), Nov 2017, pp. 82–88.
- N. Tavabi, P. Goyal, M. Almukaynizi, P. Shakarian, and K. Lerman, “Darkembed: Exploit prediction with neural language models,” in Proceed-ings of AAAI Conference on Innovative Applications of AI (IAAI2018), 2018.
- J. M. Montgomery, F. M. Hollenbach, and M. D. Ward, “Improving predic-tions using ensemble bayesian model averaging,” Political Analysis, vol. 20, no. 3, pp. 271–291, 2012.
- Nunes, E.; Diab, A.; Gunn, A.; Marin, E.; Mishra, V. Paliath, V.; Robertson, J.; Shakarian, J.; Thart, A.; and Shakarian, P. 2016. Darknet and deepnet min-ing for proactive cybersecurity threat intelligence. In ISI, 7–12. IEEE.
- Robertson, J.; Diab, A.; Marin, E.; Nunes, E.; Paliath, V.; Shakarian, J.; and Shakarian, P. 2017. Darkweb Cyber Threat Intelligence Mining. Cambridge University Press.
- Samtani, S.; Chinn, K.; Larson, C.; and Chen, H. 2016. Azsecure hacker assets portal: Cyber threat intelligence and malware analysis. In ISI, 19–24.
- Soska, K., and Christin, N. 2014. Automatically detecting vulnerable web-sites before they turn malicious. In Usenix Security, 625–640.
- Hao, S.; Kantchelian, A.; Miller, B.; Paxson, V.; and Feamster, N. 2016. Pred-ator: Proactive recognition and elimination of domain abuse at time-of-registration. In CCS2016, 1568–1579.
- Edkrantz, M., and Said, A. 2015. Predicting cyber vulnerability exploits with machine learning. In SCAI.
- J. Robertson, V. Paliath, J. Shakarian, A. Thart, and P. Shakarian, “Data driven game theoretic cyber threat mitigation.” 2016.
- M. Brown, W. B. Haskell, and M. Tambe, “Addressing scalability and robustness in security games with multiple boundedly rational adversaries,” in International Conference on Decision and Game Theory for Security. Springer, 2014, pp. 23–42.
- A. Lendasse, E. De Bodt, V. Wertz, and M. Verleysen, “Non-linear financial time series forecasting-application to the bel 20 stock market index,” Euro-pean Journal of Economic and Social Systems, vol. 14, no. 1, pp. 81–91, 2000.
- First Last Accessed: (2019). Used to visualize and analyze the elastic search data https://www.elastic.co/products/kibana