Forensic analysis of network attacks: Restructuring security events as graphs and identifying strongly connected sub-graphs

L Leichtnam, E Totel, N Prigent… - 2020 IEEE European …, 2020 - ieeexplore.ieee.org
Hercule: Attack story reconstruction via community discovery on correlated log graph. In:
Proceedings of the 32nd Annual Conference on Computer Security Applications. pp. …

T-trace: Constructing the APTs provenance graphs through multiple syslogs correlation

T Li, X Liu, W Qiao, X Zhu, Y Shen… - IEEE Transactions on …, 2023 - ieeexplore.ieee.org
… provenance graphs by analyzing the correlations among logs. The … out the attack-related
communities from the provenance graph. … with Hercule, we optimized the community discovery

Sec2graph: Network attack detection based on novelty detection on graph structured data

L Leichtnam, E Totel, N Prigent, L Mé - … 2020, Lisbon, Portugal, June 24–26 …, 2020 - Springer
Hercule: attack story reconstruction via community discovery on correlated log graph. In:
Proceedings of the 32nd Annual Conference on Computer Security Applications (2016) …

CrptAC: Find the Attack Chain with Multiple Encrypted System Logs

W Lin, J Ma, T Li, H Ye, J Zhang, Y Xiao - Electronics, 2024 - mdpi.com
Hercule: Attack story reconstruction via community discovery on correlated log graph. In
Proceedings of the Computer Security Applications, Los Angeles, CA, USA, 5–8 December 2016…

On the detection of persistent attacks using alert graphs and event feature embeddings

B Burr, S Wang, G Salmon… - NOMS 2020-2020 IEEE …, 2020 - ieeexplore.ieee.org
logs, and community detection to construct and segment alert … We aim to present structured
incident graphs of correlated alerts … “HERCULE: Attack Story Reconstruction via Community

AttRSeq: Attack story reconstruction via sequence mining on causal graph

F Zhang, R Dai, X Ma - 2023 IEEE 3rd International Conference …, 2023 - ieeexplore.ieee.org
… This paper presents AttRSeq, a framework discovering similar attack steps … HERCULE [7]
correlated attack events by using a community detection algorithm on a correlated log graph, …

OmegaLog: High-fidelity attack investigation via transparent multi-layer log analysis

WU Hassan, MA Noureddine, P Datta… - Network and distributed …, 2020 - par.nsf.gov
… multi-stage attacks using provenance graphs. Based on … HERCULE [50] uses expert-written
log parsers and rules to first extract log fields such as IP addresses and then correlate log

SteinerLog: Prize collecting the audit logs for threat hunting on enterprise network

B Bhattarai, H Huang - Proceedings of the 2022 ACM on Asia …, 2022 - dl.acm.org
Hercule: Attack story reconstruction via community discovery on correlated log graph. In
Proceedings of the 32nd Annual Conference on Computer Security Applications. 583–595. …

Attack scenario reconstruction via fusing heterogeneous threat intelligence

X Zang, J Gong, X Zhang, G Li - Computers & Security, 2023 - Elsevier
… We mine the attack scenarios with semantic correlation … system logs. Therefore, not only
does the nature of a single … step attack scenario in our weighted semantic correlation graph. …

Network Alert Graph Construction and

C Wang - 2020 - carleton.ca
Hercule: Attack story reconstruction via community discovery on correlated log graph. In
Proceedings of the 32nd Annual Conference on Computer Security Applications, pages 583–…