Related papers: Data Reduction in Intrusion Alert Correlation
Early detection of network intrusions and cyber threats is one of the main pillars of cybersecurity. One of the most effective approaches for this purpose is to analyze network traffic with the help of artificial intelligence algorithms,…
Graph embeddings have been proposed to map graph data to low dimensional space for downstream processing (e.g., node classification or link prediction). With the increasing collection of personal data, graph embeddings can be trained on…
There is a growing interest in the use of video sensor networks in surveillance applications in order to detect intruders with low cost. The essential concern of such networks is whether or not a specified target can pass or intrude the…
Backdoor attack is a powerful attack algorithm to deep learning model. Recently, GNN's vulnerability to backdoor attack has been proved especially on graph classification task. In this paper, we propose the first backdoor detection and…
As the number of cyberattacks and their particualr nature escalate, the need for effective intrusion detection systems (IDS) has become indispensable for ensuring the security of contemporary networks. Adaptive and more sophisticated…
A sequential test is proposed for detection and isolation of hubs in a correlation graph. Hubs in a correlation graph of a random vector are variables (nodes) that have a strong correlation edge. It is assumed that the random vectors are…
Wireless Sensor Network (WSN) consists of large number of low-cost, resource-constrained sensor nodes. The constraints of the wireless sensor node is their characteristics which include low memory, low computation power, they are deployed…
In order to detect unknown intrusions and runtime errors of computer programs, the cyber-security community has developed various detection techniques. Anomaly detection is an approach that is designed to profile the normal runtime behavior…
Microservice systems expose rich telemetry streams, including metrics, logs, and distributed traces. Existing performance anomaly detection methods increasingly model these systems as graphs, where nodes represent services and edges…
Attackers have developed ever more sophisticated and intelligent ways to hack information and communication technology systems. The extent of damage an individual hacker can carry out upon infiltrating a system is well understood. A…
The current amount of IoT devices and their limitations has come to serve as a motivation for malicious entities to take advantage of such devices and use them for their own gain. To protect against cyberattacks in IoT devices, Machine…
Cryptography techniques are essential for a robust and stable security design of a system to mitigate the risk of external attacks and thus improve its efficiency. Wireless Sensor Networks (WSNs) play a pivotal role in sensing, monitoring,…
Security alert screening is the downstream task of filtering, prioritizing, correlating, and contextualizing alerts for analyst attention in Security Operations Centers. This survey reviews artificial-intelligence-driven alert screening and…
With the development of information technology, the border of the cyberspace gets much broader, exposing more and more vulnerabilities to attackers. Traditional mitigation-based defence strategies are challenging to cope with the current…
Smart grid's objective is to enable electricity and information to flow two-way while providing effective, robust, computerized, and decentralized energy delivery. This necessitates the use of state estimation-based techniques and real-time…
We present a method to learn automaton models that are more robust to input modifications. It iteratively aligns sequences to a learned model, modifies the sequences to their aligned versions, and re-learns the model. Automaton learning…
Nowadays online users prefer to join multiple social media for the purpose of socialized online service. The problem \textit{anchor link prediction} is formalized to link user data with the common ground on user profile, content and network…
Collaborative intrusion detection networks are often used to gain better detection accuracy and cost efficiency as compared to a single host-based intrusion detection system (IDS). Through cooperation, it is possible for a local IDS to…
The problem of mitigating maliciously injected signals in interconnected systems is dealt with in this paper. We consider the class of covert attacks, as they are stealthy and cannot be detected by conventional means in centralized…
Network theory and inverse modeling are two standard tools of applied physics, whose combination is needed when studying the dynamical organization of spatially distributed systems from indirect measurements. However, the associated…