Abstract
E-commerce services have expanded tremendously in recent years, with market value estimations for cross-border trade reaching well over a hundred billion euro in the European Union alone. At the same time, e-commerce-related fraud rates and cybersecurity issues are staggering. With e-commerce clearly gaining critical infrastructure status, any significant disruption could potentially ripple across society. Thus, new security tools address the full spectrum of threats, offering a complete response and mitigation process. This paper introduces a comprehensive analysis, detection, response, mitigation, and cyberthreat knowledge-building pipeline.
Acknowledgment
This work is supported by the Ensuresec project, which has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 883242.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Pawlicki, M., Kozik, R., Puchalski, D., Choraś, M. (2021). Towards AI-Based Reaction and Mitigation for e-Commerce - the ENSURESEC Engine. In: Huang, DS., Jo, KH., Li, J., Gribova, V., Premaratne, P. (eds) Intelligent Computing Theories and Application. ICIC 2021. Lecture Notes in Computer Science, vol 12838. Springer, Cham. https://doi.org/10.1007/978-3-030-84532-2_3
DOI: https://doi.org/10.1007/978-3-030-84532-2_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-84531-5
Online ISBN: 978-3-030-84532-2
eBook Packages: Computer Science, Computer Science (R0)