Evolving techniques in cyber threat hunting: A systematic review

A Mahboubi, K Luong, H Aboutorab, HT Bui… - Journal of Network and …, 2024 - Elsevier
In the rapidly changing cybersecurity landscape, threat hunting has become a critical
proactive defense against sophisticated cyber threats. While traditional security measures …

Alert Prioritisation in Security Operations Centres: A Systematic Survey on Criteria and Methods

F Jalalvand, M Baruwal Chhetri, S Nepal… - ACM Computing …, 2024 - dl.acm.org
Security Operations Centres (SOCs) are specialised facilities where security analysts
leverage advanced technologies to monitor, detect, and respond to cyber incidents …

Maddc: Multi-scale anomaly detection, diagnosis and correction for discrete event logs

X Wang, L Yang, D Li, L Ma, Y He, J Xiao, J Liu… - Proceedings of the 38th …, 2022 - dl.acm.org
Anomaly detection for discrete event logs can provide critical information for building secure
and reliable systems in various application domains, such as large scale data centers …

E-Audit: Distinguishing and investigating suspicious events for APTs attack detection

R Patil, S Muneeswaran, V Sachidananda… - Journal of Systems …, 2023 - Elsevier
To detect Advanced Persistent Threats (APTs), recent research efforts focus on
modeling the common attack kill chain. The provenance graph is one of the proven …

RAPID: real-time alert investigation with context-aware prioritization for efficient threat discovery

Y Liu, X Shu, Y Sun, J Jang, P Mittal - Proceedings of the 38th Annual …, 2022 - dl.acm.org
Alerts reported by intrusion detection systems (IDSes) are often the starting points for attack
campaign discovery and response procedures. However, the sheer number of alerts …

EdgeTorrent: Real-time Temporal Graph Representations for Intrusion Detection

IJ King, X Shu, J Jang, K Eykholt, T Lee… - Proceedings of the 26th …, 2023 - dl.acm.org
Anomaly-based intrusion detection aims to learn the normal behaviors of a system and
detect activity that deviates from it. One of the best ways to represent the behavior of a …

Disprotrack: Distributed provenance tracking over serverless applications

U Satapathy, R Thakur… - … -IEEE Conference on …, 2023 - ieeexplore.ieee.org
Provenance tracking has been widely used in the recent literature to debug system
vulnerabilities and find the root causes behind faults, errors, or crashes over a running …

Anomaly detection in cybersecurity events through graph neural network and transformer based model: A case study with BETH dataset

B Lakha, SL Mount, E Serra… - 2022 IEEE International …, 2022 - ieeexplore.ieee.org
With the increasing prevalence of the internet, detecting malicious behavior is becoming a
greater need. This problem can be formulated as an anomaly detection task on provenance …

ARGANIDS: a novel network intrusion detection system based on adversarially regularized graph autoencoder

A Venturi, M Ferrari, M Marchetti… - Proceedings of the 38th …, 2023 - dl.acm.org
Machine Learning (ML) algorithms are largely adopted in modern Network Intrusion
Detection Systems (NIDS). The most recent research proposes the use of Graph Neural …

SR2APT: A Detection and Strategic Alert Response Model against Multistage APT Attacks

F Shen, L Perigo, JH Curry - Security and Communication …, 2023 - Wiley Online Library
Advanced persistent threats are an emerging cyber threat to cyber-physical systems (CPS),
especially those comprising mission-critical physical assets. However, defense against such …