Related papers: Malicious Behavior Detection using Windows Audit L…

200 papers

As cyber threats continue to evolve in complexity and frequency, robust endpoint protection is essential for organizational security. This paper presents "Endpoint Security Agent: A Comprehensive Approach to Real-time System Monitoring and…

Cryptography and Security · Computer Science 2025-11-12 Srihari R, Ayesha Taranum, Karthik, Mohammed Usman Hussain

In recent years malware has become increasingly sophisticated and difficult to detect prior to exploitation. While there are plenty of approaches to malware detection, they all have shortcomings when it comes to identifying malware…

Cryptography and Security · Computer Science 2021-08-17 Dorel Yaffe, Danny Hendler

Log-based insider threat detection (ITD) detects malicious user activities by auditing log entries. Recently, large language models (LLMs) with strong common sense knowledge have emerged in the domain of ITD. Nevertheless, diverse activity…

Cryptography and Security · Computer Science 2024-08-20 Chengyu Song, Linru Ma, Jianming Zheng, Jinzhi Liao, Hongyu Kuang, Lin Yang

End-point monitoring solutions are widely deployed in today's enterprise environments to support advanced attack detection and investigation. These monitors continuously record system-level activities as audit logs and provide deep…

Cryptography and Security · Computer Science 2026-02-16 Hao Zhang, Shuo Shao, Song Li, Zhenyu Zhong, Yan Liu, Zhan Qin

Being on a mushrooming spree since at least 2013, malware can take a large toll on any system. In a perpetual cat-and-mouse chase with defenders, malware writers constantly conjure new methods to hide their code so as to evade detection by…

Cryptography and Security · Computer Science 2023-05-09 Efstratios Chatzoglou, Georgios Karopoulos, Georgios Kambourakis, Zisis Tsiatsikas

Most of today's security solutions, such as security information and event management (SIEM) and signature based IDS, require the operator to evaluate potential attack vectors and update detection signatures and rules in a timely manner.…

Cryptography and Security · Computer Science 2021-01-19 Markus Wurzenberger, Florian Skopik, Roman Fiedler, Wolfgang Kastner

Perimeter-based detection is no longer sufficient for mitigating the threat posed by malicious software. This is evident as antivirus (AV) products are replaced by endpoint detection and response (EDR) products, the latter allowing…

Cryptography and Security · Computer Science 2022-01-13 Matilda Rhode, Pete Burnap, Adam Wedgbury

Malicious software is abundant in a world of innumerable computer users, who are constantly faced with these threats from various sources like the internet, local networks and portable drives. Malware is potentially low to high risk and can…

Cryptography and Security · Computer Science 2012-05-15 Priyank Singhal, Nataasha Raul

What should a developer inspect before deploying an LLM agent: the model, the tool code, the deployment configuration, or all three? In practice, many security failures in agent systems arise not from model weights alone, but from the…

Cryptography and Security · Computer Science 2026-03-25 Haiyue Zhang, Yi Nian, Yue Zhao

There is an overlooked iceberg of problems in end user computing. Spreadsheets are developed by people who are very skilled in their main job function, be it finance, procurement, or production planning, but often have had no formal…

Human-Computer Interaction · Computer Science 2008-06-03 Pat Cleary, Dr David Ball, Mukul Madahar, Simon Thorne, Christopher Gosling, Karen Fernandez

Web traffic has evolved to include both human users and automated agents, ranging from benign web crawlers to adversarial scanners such as those capable of credential stuffing, command injection, and account hijacking at the web scale. The…

Machine Learning · Computer Science 2024-12-11 Behzad Ousat, Mahshad Shariatnasab, Esteban Schafir, Farhad Shirani Chaharsooghi, Amin Kharraz

Analysing malware is important to understand how malicious software works and to develop appropriate detection and prevention methods. Dynamic analysis can overcome evasion techniques commonly used to bypass static analysis and provide…

Cryptography and Security · Computer Science 2023-10-30 Baskoro Adi Pratomo, Toby Jackson, Pete Burnap, Andrew Hood, Eirini Anthi

Botnets, which consist of thousands of compromised machines, can cause significant threats to other systems by launching Distributed Denial of Service (DDoS) attacks, keylogging, and backdoors. In response to these threats, new effective…

Artificial Intelligence · Computer Science 2010-07-05 Yousof Al-Hammadi, Uwe Aickelin

Anomaly detection in event logs is a promising approach for intrusion detection in enterprise networks. By building a statistical model of usual activity, it aims to detect multiple kinds of malicious behavior, including stealthy tactics,…

Cryptography and Security · Computer Science 2022-06-29 Corentin Larroche, Johan Mazel, Stephan Clémençon

Cyberattacks have grown into a major risk for organizations, with common consequences being data theft, sabotage, and extortion. Since preventive measures do not suffice to repel attacks, timely detection of successful intruders is crucial…

Cryptography and Security · Computer Science 2023-12-21 Rafael Uetz, Marco Herzog, Louis Hackländer, Simon Schwarz, Martin Henze

Rule-based IDS (intrusion detection systems) are being replaced by more robust neural IDS, which demonstrate great potential in the field of Cybersecurity. However, these ML approaches continue to rely on ad-hoc feature engineering…

Artificial Intelligence · Computer Science 2021-08-30 Andrew Golczynski, John A. Emanuello

Large Language Model (LLM) providers expose fine-tuning APIs that let end users fine-tune their frontier LLMs. Unfortunately, it has been shown that an adversary with fine-tuning access to an LLM can bypass safeguards. Particularly…

Cryptography and Security · Computer Science 2025-10-21 Sarah Egler, John Schulman, Nicholas Carlini

This paper proposes a generic classification system designed to detect security threats based on the behavior of malware samples. The system relies on statistical features computed from proxy log fields to train detectors using a database…

Machine Learning · Statistics 2017-02-09 Lukas Machlica, Karel Bartos, Michal Sofka

Recent benchmark efforts have advanced the evaluation of large language models (LLMs) in cybersecurity, including tasks such as penetration testing and vulnerability identification. However, a critical cybersecurity task, namely intrusion…

Cryptography and Security · Computer Science 2026-05-22 Danyu Sun, Jinghuai Zhang, Yuan Tian, Zhou Li

Large Language Models (LLMs) have been increasingly integrated into computer-use agents, which can autonomously operate tools on a user's computer to accomplish complex tasks. However, due to the inherently unstable and unpredictable nature…

Cryptography and Security · Computer Science 2025-09-10 Haitao Hu, Peng Chen, Yanpeng Zhao, Yuqi Chen