Threat intelligence computing

X Shu, F Araujo, DL Schales, MP Stoecklin… - Proceedings of the …, 2018 - dl.acm.org
Cyber threat hunting is the process of proactively and iteratively formulating and validating
threat hypotheses based on security-relevant observations and domain knowledge. To …

ALASTOR: Reconstructing the provenance of serverless intrusions

P Datta, I Polinsky, MA Inam, A Bates… - 31st USENIX Security …, 2022 - usenix.org
Serverless computing has freed developers from the burden of managing their own platform
and infrastructure, allowing them to rapidly prototype and deploy applications. Despite its …

MIF: A multi-step attack scenario reconstruction and attack chains extraction method based on multi-information fusion

B Mao, J Liu, Y Lai, M Sun - Computer Networks, 2021 - Elsevier
Most attacks on the Internet are progressive attacks and exploit multiple nodes.
Traditional Intrusion Detection Systems (IDS) cannot detect the original attack node, making …

SEAL: Storage-efficient causality analysis on enterprise logs with query-friendly compression

P Fei, Z Li, Z Wang, X Yu, D Li, K Jee - 30th USENIX Security …, 2021 - usenix.org
Causality analysis automates attack forensic and facilitates behavioral detection by
associating causally related but temporally distant system events. Despite its proven …

Dealing with security alert flooding: using machine learning for domain-independent alert aggregation

M Landauer, F Skopik, M Wurzenberger… - ACM Transactions on …, 2022 - dl.acm.org
Intrusion Detection Systems (IDS) secure all kinds of IT infrastructures through automatic
detection of malicious activities. Unfortunately, they are known to produce large numbers of …

On vulnerability and security log analysis: A systematic literature review on recent trends

J Svacina, J Raffety, C Woodahl, B Stone… - Proceedings of the …, 2020 - dl.acm.org
Log analysis is a technique of deriving knowledge from log files containing records of events
in a computer system. A common application of log analysis is to derive critical information …

A new approach for APT malware detection based on deep graph network for endpoint systems

C Do Xuan, DT Huong - Applied Intelligence, 2022 - Springer
The form of spreading malware through end-users and thereby escalating and stealing data
in organizations is one of the attack techniques widely used by Advanced Persistent Threat …

A systematic literature review on advanced persistent threat behaviors and its detection strategy

NI Che Mat, N Jamil, Y Yusoff… - Journal of …, 2024 - academic.oup.com
Advanced persistent threats (APTs) pose significant security-related challenges to
organizations owing to their sophisticated and persistent nature, and are inimical to the …

ADEPT: Detection and identification of correlated attack stages in IoT networks

KLK Sudheera, DM Divakaran… - IEEE Internet of …, 2021 - ieeexplore.ieee.org
The fast-growing Internet-of-Things (IoT) market has opened up a large threat landscape,
given the wide deployment of IoT devices in both consumer and commercial spaces. Attacks …

Logging to the danger zone: Race condition attacks and defenses on system audit frameworks

R Paccagnella, K Liao, D Tian, A Bates - Proceedings of the 2020 ACM …, 2020 - dl.acm.org
For system logs to aid in security investigations, they must be beyond the reach of the
adversary. Unfortunately, attackers that have escalated privilege on a host are typically able …