Implementing Data Exfiltration Defense in Situ: A Survey of Countermeasures and Human Involvement

MH Chung, Y Yang, L Wang, G Cento, K Jerath… - ACM Computing …, 2023 - dl.acm.org
In this article we consider the problem of defending against increasing data exfiltration
threats in the domain of cybersecurity. We review existing work on exfiltration threats and …

BoostedEnML: Efficient technique for detecting cyberattacks in IoT systems using boosted ensemble machine learning

OD Okey, SS Maidin, P Adasme, R Lopes Rosa… - Sensors, 2022 - mdpi.com
Following the recent advances in wireless communication leading to increased Internet of
Things (IoT) systems, many security threats are currently ravaging IoT systems, causing …

Breaking alert fatigue: AI-assisted SIEM framework for effective incident response

T Ban, T Takahashi, S Ndichu, D Inoue - Applied Sciences, 2023 - mdpi.com
Contemporary security information and event management (SIEM) solutions struggle to
identify critical security incidents effectively due to the overwhelming number of false alerts …

Everybody's Got ML, Tell Me What Else You Have: Practitioners' Perception of ML-Based Security Tools and Explanations

J Mink, H Benkraouda, L Yang, A Ciptadi… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Significant efforts have been investigated to develop machine learning (ML) based tools to
support security operations. However, they still face key challenges in practice. A generally …

AI-assisted security alert data analysis with imbalanced learning methods

S Ndichu, T Ban, T Takahashi, D Inoue - Applied Sciences, 2023 - mdpi.com
Intrusion analysis is essential for cybersecurity, but oftentimes, the overwhelming number of
false alerts issued by security appliances can prove to be a considerable hurdle. Machine …

Threat classification model for security information event management focusing on model efficiency

J Kim, HY Kwon - Computers & Security, 2022 - Elsevier
As various types of network threats have increased recently, manual threat response by
security analysts has become a limitation. To compensate for this, the importance of security …

Towards anomaly detection in reinforcement learning

R Müller, S Illium, T Phan, T Haider… - Proceedings of the 21st …, 2022 - ifaamas.org
Identifying datapoints that substantially differ from normality is the task of anomaly detection
(AD). While AD has gained widespread attention in rich data domains such as images …

A machine learning approach to detection of critical alerts from imbalanced multi-appliance threat alert logs

S Ndichu, T Ban, T Takahashi… - 2021 IEEE International …, 2021 - ieeexplore.ieee.org
The extraordinary number of alerts generated by network intrusion detection systems (NIDS)
can desensitize security analysts tasked with incident response. Security information and …

Combating alert fatigue with AlertPro: Context-aware alert prioritization using reinforcement learning for multi-step attack detection

X Wang, X Yang, X Liang, X Zhang, W Zhang… - Computers & …, 2024 - Elsevier
Alert fatigue problems can have serious consequences for the enterprise security. When
analysts become overwhelmed by the sheer number of alerts, high-risk alerts may go …

Combating informational denial-of-service (IDoS) attacks: modeling and mitigation of attentional human vulnerability

L Huang, Q Zhu - International conference on decision and game theory …, 2021 - Springer
This work proposes a new class of proactive attacks called the Informational Denial-of-
Service (IDoS) attacks that exploit the attentional human vulnerability. By generating a large …