Provenance-based intrusion detection systems: A survey

M Zipperle, F Gottwalt, E Chang, T Dillon - ACM Computing Surveys, 2022 - dl.acm.org
Traditional Intrusion Detection Systems (IDS) cannot cope with the increasing number and
sophistication of cyberattacks such as Advanced Persistent Threats (APT). Due to their high …

A comprehensive survey of generative adversarial networks (GANs) in cybersecurity intrusion detection

A Dunmore, J Jang-Jaccard, F Sabrina, J Kwak - IEEE Access, 2023 - ieeexplore.ieee.org
Generative Adversarial Networks (GANs) have seen significant interest since their
introduction in 2014. While originally focused primarily on image-based tasks, their capacity …

Euler: Detecting Network Lateral Movement via Scalable Temporal Link Prediction

IJ King, HH Huang - ACM Transactions on Privacy and Security, 2023 - dl.acm.org
Lateral movement is a key stage of system compromise used by advanced persistent
threats. Detecting it is no simple task. When network host logs are abstracted into discrete …

Review of artificial intelligence for enhancing intrusion detection in the internet of things

M Saied, S Guirguis, M Madbouly - Engineering Applications of Artificial …, 2024 - Elsevier
Internet of Things is shaping the quality of living standard. With the rapid growth and
expansion of adopting IoT-based approaches, their security represents a growing challenge …

Unraveled—A semi-synthetic dataset for Advanced Persistent Threats

S Myneni, K Jha, A Sabur, G Agrawal, Y Deng… - Computer Networks, 2023 - Elsevier
Unraveled is a novel cybersecurity dataset capturing Advanced Persistent Threat (APT)
attacks not available in the public domain. Existing cybersecurity datasets lack coherent …

ANUBIS: a provenance graph-based framework for advanced persistent threat detection

MM Anjum, S Iqbal, B Hamelin - Proceedings of the 37th ACM/SIGAPP …, 2022 - dl.acm.org
We present ANUBIS, a highly effective machine learning-based APT detection system. Our
design philosophy for ANUBIS involves two principal components. Firstly, we intend ANUBIS …

Paradise: real-time, generalized, and distributed provenance-based intrusion detection

Y Wu, Y Xie, X Liao, P Zhou, D Feng… - … on Dependable and …, 2022 - ieeexplore.ieee.org
Identifying intrusion from massive and multi-source logs accurately and in real-time presents
challenges for today's users. This article presents Paradise, a real-time, generalized, and …

Steinerlog: prize collecting the audit logs for threat hunting on enterprise network

B Bhattarai, H Huang - Proceedings of the 2022 ACM on Asia …, 2022 - dl.acm.org
Advanced cyberattacks are carried out in multiple stages, where each stage performs a
specific task corresponding to the campaign. While these steps are designed to blend in with …

End-to-end anomaly detection for identifying malicious cyber behavior through NLP-based log embeddings

A Golczynski, JA Emanuello - arXiv preprint arXiv:2108.12276, 2021 - arxiv.org
Rule-based IDS (intrusion detection systems) are being replaced by more robust neural IDS,
which demonstrate great potential in the field of Cybersecurity. However, these ML …

PWNJUTSU: A dataset and a semantics-driven approach to retrace attack campaigns

A Berady, M Jaume, VVT Tong… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Identifying patterns in the modus operandi of attackers is an essential requirement in the
study of Advanced Persistent Threats. Previous studies have been hampered by the lack of …