English
Related papers

Related papers: EXTRACTOR: Extracting Attack Behavior from Threat …

200 papers

Attribution of cyber-attacks remains a complex but critical challenge for cyber defenders. Currently, manual extraction of behavioral indicators from dense forensic documentation causes significant attribution delays, especially following…

Cryptography and Security · Computer Science 2025-05-20 Kyla Guru , Robert J. Moss , Mykel J. Kochenderfer

Language models are prone to memorizing their training data, making them vulnerable to extraction attacks. While existing research often examines isolated setups, such as a single model or a fixed prompt, real-world adversaries have a…

Cryptography and Security · Computer Science 2025-08-11 Yash More , Prakhar Ganesh , Golnoosh Farnadi

Early detection of network intrusions and cyber threats is one of the main pillars of cybersecurity. One of the most effective approaches for this purpose is to analyze network traffic with the help of artificial intelligence algorithms,…

Cryptography and Security · Computer Science 2024-02-13 Giacomo Zonneveld , Lorenzo Principi , Marco Baldi

Event extraction involves the detection and extraction of both the event triggers and corresponding event arguments. Existing systems often decompose event extraction into multiple subtasks, without considering their possible interactions.…

Computation and Language · Computer Science 2022-10-18 Huiling You , David Samuel , Samia Touileb , Lilja Øvrelid

High-level natural language knowledge in CTI reports, such as the ATT&CK framework, is beneficial to counter APT attacks. However, how to automatically apply the high-level knowledge in CTI reports in realistic attack detection systems,…

Cryptography and Security · Computer Science 2025-09-09 Yuhan Meng , Shaofei Li , Jiaping Gui , Peng Jiang , Ding Li

Threat hunting is a proactive methodology for exploring, detecting and mitigating cyberattacks within complex environments. As opposed to conventional detection systems, threat hunting strategies assume adversaries have infiltrated the…

Cryptography and Security · Computer Science 2023-10-09 Ángel Casanova Bienzobas , Alfonso Sánchez-Macián

Machine learning models are shown to face a severe threat from Model Extraction Attacks, where a well-trained private model owned by a service provider can be stolen by an attacker pretending as a client. Unfortunately, prior works focus on…

Machine Learning · Computer Science 2021-12-02 Bang Wu , Xiangwen Yang , Shirui Pan , Xingliang Yuan

An Intrusion Detection System (IDS) to secure computer networks reports indicators for an attack as alerts. However, every attack can result in a multitude of IDS alerts that need to be correlated to see the full picture of the attack. In…

Cryptography and Security · Computer Science 2020-03-13 Steffen Haas , Florian Wilkens , Mathias Fischer

In the digital era, threat actors employ sophisticated techniques for which, often, digital traces in the form of textual data are available. Cyber Threat Intelligence~(CTI) is related to all the solutions inherent to data collection,…

Cryptography and Security · Computer Science 2023-11-16 Marco Arazzi , Dincy R. Arikkat , Serena Nicolazzo , Antonino Nocera , Rafidha Rehiman K. A. , Vinod P. , Mauro Conti

Modern enterprise networks comprise diverse and heterogeneous systems that support a wide range of services, making it challenging for administrators to track and analyze sophisticated attacks such as advanced persistent threats (APTs),…

Cryptography and Security · Computer Science 2025-11-13 Seunghyeon Lee , Hyunmin Seo , Hwanjo Heo , Anduo Wang , Seungwon Shin , Jinwoo Kim

Multi-source logs provide a comprehensive overview of ongoing system activities, allowing for in-depth analysis to detect potential threats. A practical approach for threat detection involves explicit extraction of entity triples (subject,…

Software Engineering · Computer Science 2024-11-26 Zhuoran Tan , Christos Anagnostopoulos , Shameem P. Parambath , Jeremy Singer

Document-level event extraction aims to recognize event information from a whole piece of article. Existing methods are not effective due to two challenges of this task: a) the target event arguments are scattered across sentences; b) the…

Computation and Language · Computer Science 2021-06-01 Runxin Xu , Tianyu Liu , Lei Li , Baobao Chang

Cyber threat intelligence (CTI) is essential for effective system defense. CTI is a collection of information about current or past threats to a computer system. This information is gathered by an agent through observation, or based on a…

Cryptography and Security · Computer Science 2025-04-03 Laurent Bobelin , Sabine Frittella , Mariam Wehbe

Defending from cyberattacks requires practitioners to operate on high-level adversary behavior. Cyberthreat intelligence (CTI) reports on past cyberattack incidents describe the chain of malicious actions with respect to time. To avoid…

Cryptography and Security · Computer Science 2024-01-04 Md Rayhanur Rahman , Brandon Wroblewski , Quinn Matthews , Brantley Morgan , Tim Menzies , Laurie Williams

The swift spread of fake news and disinformation campaigns poses a significant threat to public trust, political stability, and cybersecurity. Traditional Cyber Threat Intelligence (CTI) approaches, which rely on low-level indicators such…

Cryptography and Security · Computer Science 2025-10-20 Domenico Cotroneo , Roberto Natella , Vittorio Orbinato

To safeguard sensitive user data, web developers typically rely on implicit access-control policies, which they implement using access checks and query filters. This ad hoc approach is error-prone as these scattered checks and filters are…

Software Engineering · Computer Science 2024-12-13 Wen Zhang , Dev Bali , Jamison Kerney , Aurojit Panda , Scott Shenker

Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to…

Cryptography and Security · Computer Science 2023-07-27 Simon Unger , Ektor Arzoglou , Markus Heinrich , Dirk Scheuermann , Stefan Katzenbeisser

Model extraction attacks are a kind of attacks where an adversary obtains a machine learning model whose performance is comparable with one of the victim model through queries and their results. This paper presents a novel model extraction…

Cryptography and Security · Computer Science 2021-10-01 Masataka Tasumi , Kazuki Iwahana , Naoto Yanai , Katsunari Shishido , Toshiya Shimizu , Yuji Higuchi , Ikuya Morikawa , Jun Yajima

With the development of information technology, the border of the cyberspace gets much broader, exposing more and more vulnerabilities to attackers. Traditional mitigation-based defence strategies are challenging to cope with the current…

Cryptography and Security · Computer Science 2020-12-15 Zhenyuan Li , Qi Alfred Chen , Runqing Yang , Yan Chen

Programs for extracting structured information from text, namely information extractors, often operate separately on document segments obtained from a generic splitting operation such as sentences, paragraphs, k-grams, HTTP requests, and so…

Databases · Computer Science 2021-05-21 Johannes Doleschal , Benny Kimelfeld , Wim Martens , Frank Neven , Matthias Niewerth