Loading…

A YARA-based approach for detecting cyber security attack types

Technological advancements have recently propelled individuals, institutions, and organizations to conduct their business processes on information systems. However, keeping personal and corporate data on information systems has given rise to issues related to data security. The accessibility of data...

Full description

Saved in:
Bibliographic Details
Published in:Firat University Journal of Experimental and Computational Engineering 2023-06, Vol.2 (2), p.55-68
Main Authors: Yıldırım, Kübra, Demir, Mustafa Emre, Keleş, Tuğce, Yıldız, Arif Metehan, Doğan, Şengül, Tuncer, Türker
Format: Article
Language:English
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Technological advancements have recently propelled individuals, institutions, and organizations to conduct their business processes on information systems. However, keeping personal and corporate data on information systems has given rise to issues related to data security. The accessibility of data on information systems has made it vulnerable to theft and exploitation by malicious groups or individuals, thus posing a significant risk to data security. Consequently, the demand for data security has led to a new business sector offering various cybersecurity solutions to protect organizations' systems. This paper presents an analysis of the prevalent types of cyber attacks worldwide. The study aims to create a virtual environment with Windows and Linux systems in Forensic Informatics and Incident Response processes to apply frequently used cyber attack methods, develop defense mechanisms against these methods, and contribute to revealing the root cause by solving the incident pattern. Furthermore, this application demonstrates how manual techniques and open-source solutions, such as YARA, can be used to detect malware derivatives commonly found in Windows systems.
ISSN:2822-2881
2822-2881
DOI:10.5505/fujece.2023.09709