Provenance-based intrusion detection systems: A survey

M Zipperle, F Gottwalt, E Chang, T Dillon - ACM Computing Surveys, 2022 - dl.acm.org
Traditional Intrusion Detection Systems (IDS) cannot cope with the increasing number and
sophistication of cyberattacks such as Advanced Persistent Threats (APT). Due to their high …

A survey on threat hunting in enterprise networks

B Nour, M Pourzandi, M Debbabi - … Communications Surveys & …, 2023 - ieeexplore.ieee.org
With the rapidly evolving technological landscape, the huge development of the Internet of
Things, and the embracing of digital transformation, the world is witnessing an explosion in …

ATLAS: A sequence-based learning approach for attack investigation

A Alsaheel, Y Nan, S Ma, L Yu, G Walkup… - 30th USENIX security …, 2021 - usenix.org
Advanced Persistent Threats (APT) involve multiple attack steps over a long period, and
their investigation requires analysis of myriad logs to identify their attack steps, which are a …

Shadewatcher: Recommendation-guided cyber threat analysis using system audit records

J Zeng, X Wang, J Liu, Y Chen, Z Liang… - … IEEE Symposium on …, 2022 - ieeexplore.ieee.org
System auditing provides a low-level view into cyber threats by monitoring system entity
interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data …

WATSON: Abstracting Behaviors from Audit Logs via Aggregation of Contextual Semantics.

J Zeng, ZL Chua, Y Chen, K Ji, Z Liang, J Mao - NDSS, 2021 - mimicji.github.io
Endpoint monitoring solutions are widely deployed in today's enterprise environments to
support advanced attack detection and investigation. These monitors continuously record …

AttacKG: Constructing technique knowledge graph from cyber threat intelligence reports

Z Li, J Zeng, Y Chen, Z Liang - European Symposium on Research in …, 2022 - Springer
Cyber attacks are becoming more sophisticated and diverse, making attack detection
increasingly challenging. To combat these attacks, security practitioners actively summarize …

An empirical assessment of endpoint detection and response systems against advanced persistent threats attack vectors

G Karantzas, C Patsakis - Journal of Cybersecurity and Privacy, 2021 - mdpi.com
Advanced persistent threats pose a significant challenge for blue teams as they apply
various attacks over prolonged periods, impeding event correlation and their detection. In …

PROGRAPHER: An Anomaly Detection System based on Provenance Graph Embedding

F Yang, J Xu, C Xiong, Z Li, K Zhang - 32nd USENIX Security …, 2023 - usenix.org
In recent years, the Advanced Persistent Threat (APT), which involves complex and
malicious actions over a long period, has become one of the biggest threats against the …

Artificial intelligence enabled cyber security defense for smart cities: A novel attack detection framework based on the MDATA model

Y Jia, Z Gu, L Du, Y Long, Y Wang, J Li… - Knowledge-Based …, 2023 - Elsevier
Smart cities have attracted a lot of attention from interdisciplinary research, and plenty of
artificial intelligence based solutions have been proposed. However, cyber security has …

Hardlog: Practical tamper-proof system auditing using a novel audit device

A Ahmad, S Lee, M Peinado - 2022 IEEE Symposium on …, 2022 - ieeexplore.ieee.org
Audit systems maintain detailed logs of security-related events on enterprise machines to
forensically analyze potential incidents. In principle, these logs should be safely stored in a …