Threat detection and investigation with system-level provenance graphs: A survey

Z Li, QA Chen, R Yang, Y Chen, W Ruan - Computers & Security, 2021 - Elsevier
With the development of information technology, the border of the cyberspace gets much
broader and thus also exposes increasingly more vulnerabilities to attackers. Traditional …

A survey on the evolution of fileless attacks and detection techniques

S Liu, G Peng, H Zeng, J Fu - Computers & Security, 2024 - Elsevier
Fileless attacks have gained significant prominence and have become the prevailing type of
attack in recent years. The exceptional level of stealthiness and difficulty in detection …

"Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences

D Olszewski, A Lu, C Stillman, K Warren… - Proceedings of the …, 2023 - dl.acm.org
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …

Survivalism: Systematic analysis of Windows malware living-off-the-land

F Barr-Smith, X Ugarte-Pedrero… - … IEEE Symposium on …, 2021 - ieeexplore.ieee.org
As malware detection algorithms and methods become more sophisticated, malware
authors adopt equally sophisticated evasion mechanisms to defeat them. Anecdotal …

Sharing cyber threat intelligence: Does it really help?

B Jin, E Kim, H Lee, E Bertino, D Kim… - Proceedings of the 31st …, 2024 - ndss-symposium.org
The sharing of Cyber Threat Intelligence (CTI) across organizations is gaining traction, as it
can automate threat analysis and improve security awareness. However, limited empirical …

Malware classification through Abstract Syntax Trees and L-moments

AJ Rose, CMS Kabban, SR Graham, WC Henry… - Computers & …, 2025 - Elsevier
The ongoing evolution of malware presents a formidable challenge to cybersecurity:
identifying unknown threats. Traditional detection methods, such as signatures and various …

MPSAutodetect: a malicious powershell script detection model based on stacked denoising auto-encoder

A Alahmadi, N Alkhraan, W BinSaeedan - Computers & Security, 2022 - Elsevier
PowerShell is an important tool used to automate administrative tasks. It is an open-source
tool that is pre-installed on Windows machines and is accessible on many other operating …

PowerDP: de-obfuscating and profiling malicious PowerShell commands with multi-label classifiers

MH Tsai, CC Lin, ZG He, WC Yang, CL Lei - IEEE Access, 2022 - ieeexplore.ieee.org
In recent years, PowerShell has become the common tool that helps attackers launch
targeted attacks using living-off-the-land tactics and fileless attack techniques. Unfortunately …

Process-aware intrusion detection in MQTT networks

P Empl, F Böhm, G Pernul - … of the Fourteenth ACM Conference on Data …, 2024 - dl.acm.org
Intrusion Detection Systems (IDS) allow for detecting malicious activities in organizational
networks and hosts. As the Industrial Internet of Things (Industrial IoT) has gained …

Transast: A machine translation-based approach for obfuscated malicious javascript detection

Y Qin, W Wang, Z Chen, H Song… - 2023 53rd Annual IEEE …, 2023 - ieeexplore.ieee.org
As an essential part of the website, JavaScript greatly enriches its functions. At the same
time, JavaScript has become the most common attack payload on malicious websites …