System-Level Data Management for Endpoint Advanced Persistent Threat Detection: Issues, Challenges and Trends

T Chen, C Zheng, T Zhu, C Xiong, J Ying, Q Yuan… - Computers & …, 2023 - Elsevier
Advanced persistent threat (APT) attacks pose significant security threats to governments
and large enterprises. Endpoint detection and response (EDR) methods, which are standard …

A Survey on Advanced Persistent Threat Detection: A Unified Framework, Challenges, and Countermeasures

B Zhang, Y Gao, B Kuang, C Yu, A Fu… - ACM Computing …, 2024 - dl.acm.org
In recent years, frequent Advanced Persistent Threat (APT) attacks have caused disastrous
damage to critical facilities, leading to severe information leakages, economic losses, and …

eAudit: A Fast, Scalable and Deployable Audit Data Collection System*

R Sekar, H Kimm, R Aich - 2024 IEEE Symposium on Security …, 2024 - ieeexplore.ieee.org
Today's advanced cyber attack campaigns can often bypass all existing protections. The
primary defense against them is after-the-fact detection, followed by a forensic analysis to …

TREC: APT tactic/technique recognition via few-shot provenance subgraph learning

M Lv, HZ Gao, X Qiu, T Chen, T Zhu, J Chen… - Proceedings of the 2024 …, 2024 - dl.acm.org
APT (Advanced Persistent Threat) with the characteristics of persistence, stealth, and
diversity is one of the greatest threats against cyber-infrastructure. As a countermeasure …

Paradise: real-time, generalized, and distributed provenance-based intrusion detection

Y Wu, Y Xie, X Liao, P Zhou, D Feng… - … on Dependable and …, 2022 - ieeexplore.ieee.org
Identifying intrusion from massive and multi-source logs accurately and in real-time presents
challenges for today's users. This article presents Paradise, a real-time, generalized, and …

Forensics for multi-stage cyber incidents: Survey and future directions

A Nisioti, G Loukas, A Mylonas, E Panaousis - … Science International: Digital …, 2023 - Elsevier
The increase in the complexity and sophistication of multi-stage cyber attacks, such as
advanced persistent threats, paired with the large volume of data produced by modern …

APTSHIELD: A Stable, Efficient and Real-Time APT Detection System for Linux Hosts

T Zhu, J Yu, C Xiong, W Cheng, Q Yuan… - … on Dependable and …, 2023 - ieeexplore.ieee.org
Advanced Persistent Threat (APT) attacks have caused massive financial loss worldwide.
Researchers thereby have proposed a series of solutions to detect APT attacks, such as …

System auditing for real-time systems

A Bansal, A Kandikuppa, M Hasan, CY Chen… - ACM Transactions on …, 2023 - dl.acm.org
System auditing is an essential tool for detecting malicious events and conducting forensic
analysis. Although used extensively on general-purpose systems, auditing frameworks have …

ProcSAGE: an efficient host threat detection method based on graph representation learning

B Xu, Y Gong, X Geng, Y Li, C Dong, S Liu, Y Liu… - Cybersecurity, 2024 - Springer
Advanced Persistent Threats (APTs) achieve internal network penetration
through multiple methods, making it difficult to detect attack clues solely through boundary …

Implementation of risk-aggregated substation testbed using generative adversarial networks

Z Yang, S Zhang, CW Ten, T Liu… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Capturing the anomalies of a cyber system in power control networks would promote
operational awareness. Correlation of such events, e.g., intrusion attempts, traffic flow, and …