KRAKEN: a knowledge-based recommender system for analysts, to kick exploration up a notch

R Brisse, S Boche, F Majorczyk, JF Lalande - International Conference on …, 2021 - Springer
During a computer security investigation, a security analyst has to explore the logs available
to understand what happened in the compromised system. For such tasks, visual analysis …

Extractor: Extracting attack behavior from threat reports

K Satvat, R Gjomemo… - 2021 IEEE European …, 2021 - ieeexplore.ieee.org
The knowledge on attacks contained in Cyber Threat Intelligence (CTI) reports is very
important to effectively identify and quickly respond to cyber threats. However, this …

Multi-step attack scenarios mining based on neural network and Bayesian network attack graph

J Liu, B Liu, R Zhang, C Wang - … Conference, ICAIS 2019, New York, NY …, 2019 - Springer
In order to find attack patterns from a large number of redundant alert logs, build multi-step
attack scenarios, and eliminate the false alerts of the alert logs, this paper proposes a new …

SteinerLog: Prize collecting the audit logs for threat hunting on enterprise network

B Bhattarai, H Huang - Proceedings of the 2022 ACM on Asia …, 2022 - dl.acm.org
Advanced cyberattacks are carried out in multiple stages, where each stage performs a
specific task corresponding to the campaign. While these steps are designed to blend in with …

From product recommendation to cyber-attack prediction: Generating attack graphs and predicting future attacks

N Polatidis, E Pimenidis, M Pavlidis, S Papastergiou… - Evolving Systems, 2020 - Springer
Modern information society depends on reliable functionality of information systems
infrastructure, while at the same time the number of cyber-attacks has been increasing over …

Attack analysis framework for cyber-attack and defense test platform

Y Qi, R Jiang, Y Jia, A Li - Electronics, 2020 - mdpi.com
In 2012, Google first proposed the knowledge graph and applied it in the field of intelligent
searching. Subsequently, knowledge graphs have been used for in-depth association …

Distributed attack modeling approach based on process mining and graph segmentation

Y Chen, Z Liu, Y Liu, C Dong - Entropy, 2020 - mdpi.com
Attack graph modeling aims to generate attack models by investigating attack behaviors
recorded in intrusion alerts raised in network security devices. Attack models can help …

Scalable analysis of attack scenarios

M Albanese, S Jajodia, A Pugliese… - … on Research in …, 2011 - Springer
Attack graphs have been widely used for attack modeling, alert correlation, and prediction. In
order to address the limitations of current approaches–scalability and impact analysis–we …

AGBuilder: an AI tool for automated attack graph building, analysis, and refinement

B Bezawada, I Ray, K Tiwary - Data and Applications Security and Privacy …, 2019 - Springer
Attack graphs are widely used for modeling attack scenarios that exploit vulnerabilities in
computer systems and networked infrastructures. Essentially, an attack graph illustrates a …

Hercule: Attack story reconstruction via community discovery on correlated log graph

K Pei, Z Gu, B Saltaformaggio, S Ma, F Wang… - Proceedings of the …, 2016 - dl.acm.org
Advanced cyber attacks consist of multiple stages aimed at being stealthy and elusive. Such
attack patterns leave their footprints spatio-temporally dispersed across many different logs …