English
Related papers

Related papers: Multi-Stage Attack Detection via Kill Chain State …

200 papers

In Advanced Persistent Threat (APT) attacks, achieving stealthy persistence within target systems is often crucial for an attacker's success. This persistence allows adversaries to maintain prolonged access, often evading detection…

Cryptography and Security · Computer Science 2026-05-14 Qi Liu , Muhammad Shoaib , Mati Ur Rehman , Kaibin Bao , Veit Hagenmeyer , Wajih Ul Hassan

Advanced persistent threat (APT) is a kind of stealthy, sophisticated, and long-term cyberattack that has brought severe financial losses and critical infrastructure damages. Existing works mainly focus on APT defense under stable network…

Computer Science and Game Theory · Computer Science 2023-09-04 Zixuan Wang , Jiliang Li , Yuntao Wang , Zhou Su , Shui Yu , Weizhi Meng

Software updates reduce the opportunity for exploitation. However, since updates can also introduce breaking changes, enterprises face the problem of balancing the need to secure software with updates with the need to support operations. We…

Cryptography and Security · Computer Science 2022-05-26 Giorgio Di Tizio , Michele Armellini , Fabio Massacci

Cyber Threat Intelligence (CTI) reports are factual records compiled by security analysts through their observations of threat events or their own practical experience with attacks. In order to utilize CTI reports for attack detection,…

Cryptography and Security · Computer Science 2024-10-16 Wenrui Cheng , Tiantian Zhu , Tieming Chen , Qixuan Yuan , Jie Ying , Hongmei Li , Chunlin Xiong , Mingda Li , Mingqi Lv , Yan Chen

The scarcity of data and the high complexity of Advanced Persistent Threats (APTs) attacks have created challenges in comprehending their behavior and hindered the exploration of effective detection techniques. To create an effective APT…

Cryptography and Security · Computer Science 2025-02-14 Almuthanna Alageel , Sergio Maffeis , Imperial College London

Evaluating the security of multi-agent systems (MASs) powered by large language models (LLMs) is challenging, primarily because of the systems' complex internal dynamics and the evolving nature of LLM vulnerabilities. Traditional attack…

Cryptography and Security · Computer Science 2025-06-04 Parth Atulbhai Gandhi , Akansha Shukla , David Tayouri , Beni Ifland , Yuval Elovici , Rami Puzis , Asaf Shabtai

Interpreting the massive volume of security alerts is a significant challenge in Security Operations Centres (SOCs). Effective contextualisation is important, enabling quick distinction between genuine threats and benign activity to…

Cryptography and Security · Computer Science 2025-09-19 Magnus Wiik Eckhoff , Peter Marius Flydal , Siem Peters , Martin Eian , Jonas Halvorsen , Vasileios Mavroeidis , Gudmund Grov

Graphical security models constitute a well-known, user-friendly way to represent the security of a system. These kinds of models are used by security experts to identify vulnerabilities and assess the security of a system. The manual…

Cryptography and Security · Computer Science 2023-09-26 Alyzia-Maria Konsta , Beatrice Spiga , Alberto Lluch Lafuente , Nicola Dragoni

Enterprise networks are growing ever larger with a rapidly expanding attack surface, increasing the volume of security alerts generated from security controls. Security Operations Centre (SOC) analysts triage these alerts to identify…

Cryptography and Security · Computer Science 2025-05-16 Melissa Turcotte , François Labrèche , Serge-Olivier Paquette

Network intrusion detection sensors are usually built around low level models of network traffic. This means that their output is of a similarly low level and as a consequence, is difficult to analyze. Intrusion alert correlation is the…

Cryptography and Security · Computer Science 2010-07-05 Gianni Tedesco , Uwe Aickelin

Provenance-based threat hunting identifies Advanced Persistent Threats (APTs) on endpoints by correlating attack patterns described in Cyber Threat Intelligence (CTI) with provenance graphs derived from system audit logs. A fundamental…

Cryptography and Security · Computer Science 2026-01-01 Xuebo Qiu , Mingqi Lv , Yimei Zhang , Tieming Chen , Tiantian Zhu , Qijie Song , Shouling Ji

Cyber threat intelligence (CTI) analysts must answer complex questions over large collections of narrative security reports. Retrieval-augmented generation (RAG) systems help language models access external knowledge, but traditional vector…

Artificial Intelligence · Computer Science 2026-04-14 Dzenan Hamzic , Florian Skopik , Max Landauer , Markus Wurzenberger , Andreas Rauber

Machine learning based network intrusion detection systems are vulnerable to adversarial attacks that degrade classification performance under both gradient-based and distribution shift threat models. Existing defenses typically apply…

Cryptography and Security · Computer Science 2026-03-03 Oluseyi Olukola , Nick Rahimi

Attack Graph (AG) represents the best-suited solution to support cyber risk assessment for multi-step attacks on computer networks, although their generation suffers from poor scalability due to their combinatorial complexity. Current…

Cryptography and Security · Computer Science 2024-09-10 Alessandro Palma , Marco Angelini

The rapid proliferation of Model Context Protocol (MCP)-based agentic systems has introduced a new category of security threats that existing frameworks are inadequately equipped to address. We present MCPThreatHive, an open-source platform…

Cryptography and Security · Computer Science 2026-04-16 Yi Ting Shen , Kentaroh Toyoda , Alex Leung

Imagine receiving a video call from your CFO, surrounded by colleagues, asking you to urgently authorise a confidential transfer. You comply. Every person on that call was fake, and you just lost $25 million. This is not a hypothetical. It…

Cryptography and Security · Computer Science 2026-04-08 Muhammad Tahir Ashraf

A Network Intrusion Detection System (NIDS) is a network security technology for detecting intruder attacks. However, it produces a great amount of low-level alerts which makes the analysis difficult, especially to construct the attack…

Cryptography and Security · Computer Science 2021-10-19 Taqwa Ahmed Alhaj , Maheyzah Md Siraj , Anazida Zainal , Inshirah Idris , Anjum Nazir , Fatin Elhaj , Tasneem Darwish

Advanced Persistent Threat (APT) attacks have caused significant damage worldwide. Various Endpoint Detection and Response (EDR) systems are deployed by enterprises to fight against potential threats. However, EDR suffers from high false…

Cryptography and Security · Computer Science 2024-05-07 Tiantian Zhu , Jie Ying , Tieming Chen , Chunlin Xiong , Wenrui Cheng , Qixuan Yuan , Aohan Zheng , Mingqi Lv , Yan Chen

Assessing the security posture of Industrial Control Systems (ICS) is critical for protecting essential infrastructure. However, the complexity and scale of these environments make it challenging to identify and prioritize potential attack…

Cryptography and Security · Computer Science 2026-04-30 Lucas Miranda , Carlos Banjar , Daniel Menasche , Anton Kocheturov , Gaurav Srivastava , Tobias Limmer

This paper studies the deployment of joint moving target defense (MTD) and deception against multi-stage cyberattacks. Given the system equipped with MTD that randomizes between different configurations, we investigate how to allocate a…

Cryptography and Security · Computer Science 2022-10-17 Lening Li , Haoxiang Ma , Shuo Han , Jie Fu
‹ Prev 1 3 4 5 6 7 10 Next ›