Traditional Intrusion Detection Systems (IDS) cannot cope with the increasing number and sophistication of cyberattacks such as Advanced Persistent Threats (APT). Due to their high …
Endpoint Detection and Response (EDR) tools provide visibility into sophisticated intrusions by matching system events against known adversarial behaviors. However, current solutions …
SM Milajerdi, R Gjomemo, B Eshete… - … IEEE Symposium on …, 2019 - ieeexplore.ieee.org
In this paper, we present HOLMES, a system that implements a new approach to the detection of Advanced and Persistent Threats (APTs). HOLMES is inspired by several case …
Advanced Persistent Threats (APTs) are difficult to detect due to their "low-and-slow" attack patterns and frequent use of zero-day exploits. We present UNICORN, an anomaly-based …
Advanced Persistent Threats (APT) involve multiple attack steps over a long period, and their investigation requires analysis of myriad logs to identify their attack steps, which are a …
SM Milajerdi, B Eshete, R Gjomemo… - Proceedings of the …, 2019 - dl.acm.org
Cyber threat intelligence (CTI) is being used to search for indicators of attacks that might have compromised an enterprise network for a long time without being discovered. To have …
With the rapidly evolving technological landscape, the huge development of the Internet of Things, and the embracing of digital transformation, the world is witnessing an explosion in …
K Satvat, R Gjomemo… - 2021 IEEE European …, 2021 - ieeexplore.ieee.org
The knowledge on attacks contained in Cyber Threat Intelligence (CTI) reports is very important to effectively identify and quickly respond to cyber threats. However, this …
J Navarro, A Deruyver, P Parrend - Computers & Security, 2018 - Elsevier
Since the beginning of the Internet, cyberattacks have threatened users and organisations. They have become more complex concurrently with computer networks. Nowadays …