Proactive cyber security response by utilizing passive monitoring technologies

Recently, variety of cyber-attacks such as DDoS, Information Leakage, Illegal Access, Spam, Business E-mail Compromise, Phishing, Advanced Persistent Threats (APT), Man-in-the-Middle attacks are frequently recognized even in the consumer's environment. These cyber-attacks are often triggered by “malwares” and have been maliciously evolving and sometimes hidden from our monitoring countermeasures (FW, IDS/IPS). For proactively responding cyber-attacks, utilizing passive monitoring technologies should be reconsidered as possible security supportive solutions. In this talk, after introduction of latest cyber-attacks to share the current cyber threats landscape, passive monitoring technologies such as darknet and honeypot/sandbox will be explained with practical use-cases to accurately observe and monitor ongoing threats (cyber-attacks). The use-cases may include detection of malware-infected IoT devices by means of darknet and honeypot monitoring. Furthermore, detection of cyber-attacks by passive monitoring can be utilized for cyber security proactive response as practical solutions. Finally, future security considerations will be given for utilizing extendible passive monitoring technologies to proactively respond against cyber-attacks under smarter city and connected environments.