English
Related papers

Related papers: Anomaly Detection in Log Data using Graph Database…

200 papers

Multi-stage threats like advanced persistent threats (APT) pose severe risks by stealing data and destroying infrastructure, with detection being challenging. APTs use novel attack vectors and evade signature-based detection by obfuscating…

Cryptography and Security · Computer Science 2024-06-21 Florian Nelles , Abbas Yazdinejad , Ali Dehghantanha , Reza M. Parizi , Gautam Srivastava

Advanced Persistent Threats (APTs) pose a major cybersecurity challenge due to their stealth and ability to mimic normal system behavior, making detection particularly difficult in highly imbalanced datasets. Traditional anomaly detection…

Cryptography and Security · Computer Science 2025-02-14 Sidahmed Benabderrahmane , Petko Valtchev , James Cheney , Talal Rahwan

Advanced attack campaigns span across multiple stages and stay stealthy for long time periods. There is a growing trend of attackers using off-the-shelf tools and pre-installed system applications (such as \emph{powershell} and \emph{wmic})…

Cryptography and Security · Computer Science 2019-05-21 Aditya Kuppa , Slawomir Grzonkowski , Muhammad Rizwan Asghar , Nhien-An Le-Khac

Advanced persistent threats (APTs) pose significant challenges for organizations, leading to data breaches, financial losses, and reputational damage. Existing provenance-based approaches for APT detection often struggle with high false…

Cryptography and Security · Computer Science 2024-06-11 Yonatan Amaru , Prasanna Wudali , Yuval Elovici , Asaf Shabtai

Advanced persistent threats (APTs) are stealthy and multi-stage, making single-point defenses (e.g., malware- or traffic-based detectors) ill-suited to capture long-range and cross-entity attack semantics. Provenance-graph analysis has…

Cryptography and Security · Computer Science 2026-01-14 Mingqi Lv , Shanshan Zhang , Haiwen Liu , Tieming Chen , Tiantian Zhu

Advanced Persistent Threat (APT) attack, also known as directed threat attack, refers to the continuous and effective attack activities carried out by an organization on a specific object. They are covert, persistent and targeted, which are…

Cryptography and Security · Computer Science 2020-10-28 Ru Zhang , Wenxin Sun , Jianyi Liu , Jingwen Li , Guan Lei , Han Guo

Advance Persistent Threats (APTs), adopted by most delicate attackers, are becoming increasing common and pose great threat to various enterprises and institutions. Data provenance analysis on provenance graphs has emerged as a common…

Cryptography and Security · Computer Science 2023-10-17 Zian Jia , Yun Xiong , Yuhong Nan , Yao Zhang , Jinjing Zhao , Mi Wen

Lateral movement is a crucial component of advanced persistent threat (APT) attacks in networks. Attackers exploit security vulnerabilities in internal networks or IoT devices, expanding their control after initial infiltration to steal…

Cryptography and Security · Computer Science 2024-11-18 Jiajun Zhou , Jiacheng Yao , Xuanze Chen , Shanqing Yu , Qi Xuan , Xiaoniu Yang

In order to detect unknown intrusions and runtime errors of computer programs, the cyber-security community has developed various detection techniques. Anomaly detection is an approach that is designed to profile the normal runtime behavior…

Cryptography and Security · Computer Science 2021-06-03 Byunggu Yu , Junwhan Kim

Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to…

Cryptography and Security · Computer Science 2023-07-27 Simon Unger , Ektor Arzoglou , Markus Heinrich , Dirk Scheuermann , Stefan Katzenbeisser

Modern cyber attackers use advanced zero-day exploits, highly targeted spear phishing, and other social engineering techniques to gain access and also use evasion techniques to maintain a prolonged presence within the victim network while…

Cryptography and Security · Computer Science 2023-10-03 Bibek Bhattarai , H. Howie Huang

Host-based threats such as Program Attack, Malware Implantation, and Advanced Persistent Threats (APT), are commonly adopted by modern attackers. Recent studies propose leveraging the rich contextual information in data provenance to detect…

Cryptography and Security · Computer Science 2025-04-04 Su Wang , Zhiliang Wang , Tao Zhou , Xia Yin , Dongqi Han , Han Zhang , Hongbin Sun , Xingang Shi , Jiahai Yang

The ever-evolving capabilities of cyber attackers force security administrators to focus on the early identification of emerging threats. Targeted cyber attacks usually consist of several phases, from initial reconnaissance of the network…

Cryptography and Security · Computer Science 2022-06-22 Lukáš Sadlek , Pavel Čeleda , Daniel Tovarňák

With the advancement of IoT technology, many electronic devices are interconnected through networks, communicating with each other and performing specific roles. However, as numerous devices join networks, the threat of cyberattacks also…

Cryptography and Security · Computer Science 2023-11-28 Sangbeom Park , Jaesung Lee , Jeong Do Yoo , Min Geun Song , Hyosun Lee , Jaewoong Choi , Chaeyeon Sagong , Huy Kang Kim

The rapid expansion of cloud infrastructures and distributed identity systems has significantly increased the complexity and attack surface of modern enterprises. Traditional rule based or signature driven detection systems are often…

Cryptography and Security · Computer Science 2025-12-12 Venkata Tanuja Madireddy

Advanced Persistent Threats (APTs) present a considerable challenge to cybersecurity due to their stealthy, long-duration nature. Traditional supervised learning methods typically require large amounts of labeled data, which is often scarce…

Cryptography and Security · Computer Science 2025-09-08 Sidahmed Benabderrahmane , Talal Rahwan

Advanced persistent threats (APTs) are stealthy attacks which make use of social engineering and deception to give adversaries insider access to networked systems. Against APTs, active defense technologies aim to create and exploit…

Cryptography and Security · Computer Science 2019-01-24 Jeffrey Pawlick , Thi Thu Hang Nguyen , Edward Colbert , Quanyan Zhu

This paper is devoted to measuring the security of cyber networks under advanced persistent threats (APTs). First, an APT-based cyber attack-defense process is modeled as an individual-level dynamical system. Second, the dynamic model is…

Cryptography and Security · Computer Science 2017-07-13 Lu-Xing Yang , Pengdeng Li , Xiaofan Yang , Luosheng Wen , Yingbo Wu , Yuan Yan Tang

Provenance graphs are useful and powerful tools for representing system-level activities in cybersecurity; however, existing approaches often struggle with complex queries and flexible reasoning. This paper presents a novel approach using…

Cryptography and Security · Computer Science 2025-01-27 Fang Li , Fei Zuo , Gopal Gupta

Provenance-based threat hunting identifies Advanced Persistent Threats (APTs) on endpoints by correlating attack patterns described in Cyber Threat Intelligence (CTI) with provenance graphs derived from system audit logs. A fundamental…

Cryptography and Security · Computer Science 2026-01-01 Xuebo Qiu , Mingqi Lv , Yimei Zhang , Tieming Chen , Tiantian Zhu , Qijie Song , Shouling Ji