On a daily basis many of the hosts connected to the Internet experience continuous probing and attack from malicious entities. Detection and defence from these malicious entities has primarily been the concern of Intrusion Detection Systems, Intrusion Prevention Systems and Anti-Virus software. These systems rely heavily on known signatures to detect nefarious traffic. Due to the reliance on kn...

Cyber-threats are one of the most significant problems faced by modern Industrial Control Systems (ICS), such as SCADA (Supervisory Control and Data Acquisition) systems, as the vulnerabilities of ICS technology become serious threats that can ultimately compromise human lives. This situation demands a domainspecific approach to cyber threat detection within ICS, which is one of the most import...

30 years ago PABX systems were compromised by hackers wanting to make long distance calls at some other entities expense. This activity faded as telephony became cheaper and PABX systems had countermeasures installed to overcome attacks. Now the world has moved onto the provision of telephony via broadband enabled Voice over Internet Protocol (VoIP) with this service now being provided as a rep...

Social networking communities have become an important communications platform, but the popularity of these communities has also made them targets for a new breed of social spammers. Unfortunately, little is known about these social spammers, their level of sophistication, or their strategies and tactics. Thus, in this paper, we provide the first characterization of social spammers and their be...

Honeynets are collections networked of computer systems which are intended to be attacked and broken into in an observed fashion, keeping track of any (mis-)use. Similar to other IT-security technologies there is a lot of gospel on the benefits of Honeynets, while there is little analysis on the exact gain offered by them and the associated cost. We are presenting a model helpful in understandi...

We describe the on-going work towards further automating the analysis of data generated by a large honeynet architecture called Leurre.com and SGNET. The underlying motivation is helping us to integrate the use of honeypot data into daily network security monitoring. We propose a system based on two automated steps: i) the detection of relevant attack events within a large honeynet traffic data...

Airline websites are the victims of unauthorised online travel agencies and aggregators that use armies bots to scrape prices flight information. These so-called Advanced Persistent Bots (APBs) highly sophisticated. On top valuable information taken away, these huge quantities requests consume a very substantial amount resources on airlines' websites. In this work, we propose deceptive approach...