Custos: Practical tamper-evident auditing of operating systems using trusted execution

R Paccagnella, P Datta, WU Hassan, A Bates… - Network and distributed …, 2020 - par.nsf.gov
System auditing is a central concern when investigating and responding to security
incidents. Unfortunately, attackers regularly engage in anti-forensic activities after a break-in …

Logging to the danger zone: Race condition attacks and defenses on system audit frameworks

R Paccagnella, K Liao, D Tian, A Bates - Proceedings of the 2020 ACM …, 2020 - dl.acm.org
For system logs to aid in security investigations, they must be beyond the reach of the
adversary. Unfortunately, attackers that have escalated privilege on a host are typically able …

Language models for novelty detection in system call traces

Q Fournier, D Aloise, LR Costa - arXiv preprint arXiv:2309.02206, 2023 - arxiv.org
Due to the complexity of modern computer systems, novel and unexpected behaviors
frequently occur. Such deviations are either normal occurrences, such as software updates …

A comprehensive tutorial and survey of applications of deep learning for cyber security

KP Soman, M Alazab, S Sriram - Authorea Preprints, 2023 - techrxiv.org
Posted on 5 Jan 2020 — CC-BY 4.0 — https://doi.org/10.36227/techrxiv.11473377.v1 …

On improving deep learning trace analysis with system call arguments

Q Fournier, D Aloise, SV Azhari… - 2021 IEEE/ACM 18th …, 2021 - ieeexplore.ieee.org
Kernel traces are sequences of low-level events comprising a name and multiple
arguments, including a timestamp, a process id, and a return value, depending on the event …

Rule-based security monitoring of containerized workloads

H Gantikow, C Reich, M Knahl, N Clarke - 2019 - pearl.plymouth.ac.uk
In order to further support the secure operation of containerized environments and to extend
already established security measures, we propose a rule-based security monitoring, which …

System performance anomaly detection using tracing data analysis

I Kohyarnejadfard, M Shakeri, D Aloise - Proceedings of the 2019 5th …, 2019 - dl.acm.org
In recent years, distributed systems have become increasingly complex as they grow in both
scale and functionality. Such complexity makes these systems prone to performance …

Insider Threat Detection: Using Classification Models

TK Rao, N Darapaneni, AR Paduri, A Kumar… - Proceedings of the 2023 …, 2023 - dl.acm.org
Insider threats refer to cyber-attacks originating from within an organization that can cause
significant damage, such as intellectual property theft, sabotage, and sensitive data …

SoK: Leveraging Transformers for Malware Analysis

P Kunwar, K Aryal, M Gupta, M Abdelsalam… - arXiv preprint arXiv …, 2024 - arxiv.org
The introduction of transformers has been an important breakthrough for AI research and
application as transformers are the foundation behind Generative AI. A promising …

Detection of ESD-induced soft failures by analyzing linux kernel function calls

X Liu, G Maghlakelidze, J Zhou… - … on Device and …, 2020 - ieeexplore.ieee.org
Electrostatic discharge (ESD) into a functioning system can cause temporary upsets, or soft
failures. Subtle soft failures can reduce the reliability of a system and cannot be detected by …