English
Related papers

Related papers: Living-off-the-Land Abuse Detection Using Natural …

200 papers

In recent years, enterprises have been targeted by advanced adversaries who leverage creative ways to infiltrate their systems and move laterally to gain access to critical data. One increasingly common evasive method is to hide the…

Cryptography and Security · Computer Science 2021-12-01 Talha Ongun , Jack W. Stokes , Jonathan Bar Or , Ke Tian , Farid Tajaddodianfar , Joshua Neil , Christian Seifert , Alina Oprea , John C. Platt

A strategy used by malicious actors is to "live off the land," where benign systems and tools already available on a victim's systems are used and repurposed for the malicious actor's intent. In this work, we ask if there is a way for…

Cryptography and Security · Computer Science 2024-11-28 Siddhant Gupta , Fred Lu , Andrew Barlow , Edward Raff , Francis Ferraro , Cynthia Matuszek , Charles Nicholas , James Holt

Living-off-the-land (LOTL) techniques pose a significant challenge to security operations, exploiting legitimate tools to execute malicious commands that evade traditional detection methods. To address this, we present a robust augmentation…

Cryptography and Security · Computer Science 2024-12-17 Dmitrijs Trizna , Luca Demetrio , Battista Biggio , Fabio Roli

To avoid detection, adversaries often use command-line obfuscation. There are numerous techniques of the command-line obfuscation, all designed to alter the command-line syntax without affecting its original functionality. This variability…

Cryptography and Security · Computer Science 2024-08-06 Vojtech Outrata , Michael Adam Polak , Martin Kopp

Machine-learning methods have already been exploited as useful tools for detecting malicious executable files. They leverage data retrieved from malware samples, such as header fields, instruction sequences, or even raw bytes, to learn…

Cryptography and Security · Computer Science 2018-03-13 Bojan Kolosnjaji , Ambra Demontis , Battista Biggio , Davide Maiorca , Giorgio Giacinto , Claudia Eckert , Fabio Roli

As command-line interfaces remain integral to high-performance computing environments, the risk of exploitation through stealthy and complex command-line abuse grows. Conventional security solutions struggle to detect these anomalies due to…

Cryptography and Security · Computer Science 2024-12-10 Vaishali Vinay , Anjali Mangal

Anomaly detection is a method for discovering unusual and suspicious behavior. In many real-world scenarios, the examined events can be directly linked to the actions of an adversary, such as attacks on computer networks or frauds in…

Machine Learning · Computer Science 2020-04-23 Olga Petrova , Karel Durkota , Galina Alperovich , Karel Horak , Michal Najman , Branislav Bosansky , Viliam Lisy

In living off the land attacks, malicious actors use legitimate tools and processes already present on a system to avoid detection. In this paper, we explore how the on-device LLMs of the future will become a security concern as threat…

Cryptography and Security · Computer Science 2025-10-14 Sean Oesch , Jack Hutchins , Luke Koch , Kevin Kurian

As the amount of cyber data continues to grow, cyber network defenders are faced with increasing amounts of data they must analyze to ensure the security of their networks. In addition, new types of attacks are constantly being created and…

Cryptography and Security · Computer Science 2018-09-03 Bartley D. Richardson , Benjamin J. Radford , Shawn E. Davis , Keegan Hines , David Pekarek

With the increasingly rapid development of new malicious computer software by bad faith actors, both commercial and research-oriented antivirus detectors have come to make greater use of machine learning tactics to identify such malware as…

Cryptography and Security · Computer Science 2021-12-07 Hamish Spencer , Wei Wang , Ruoxi Sun , Minhui Xue

Deep learning is becoming increasingly popular in real-life applications, especially in natural language processing (NLP). Users often choose training outsourcing or adopt third-party data and models due to data and computation resources…

Computation and Language · Computer Science 2022-11-23 Xuan Sheng , Zhaoyang Han , Piji Li , Xiangmao Chang

Given the dynamic nature of toxic language use, automated methods for detecting toxic spans are likely to encounter distributional shift. To explore this phenomenon, we evaluate three approaches for detecting toxic spans under cross-domain…

Computation and Language · Computer Science 2023-06-19 Stefan F. Schouten , Baran Barbarestani , Wondimagegnhue Tufa , Piek Vossen , Ilia Markov

Natural language processing (NLP) models are known to be vulnerable to backdoor attacks, which poses a newly arisen threat to NLP models. Prior online backdoor defense methods for NLP models only focus on the anomalies at either the input…

Computation and Language · Computer Science 2022-10-17 Sishuo Chen , Wenkai Yang , Zhiyuan Zhang , Xiaohan Bi , Xu Sun

This paper proposes a machine learning-based approach for detecting the exploitation of vulnerabilities in the wild by monitoring underground hacking forums. The increasing volume of posts discussing exploitation in the wild calls for an…

In order to detect unknown intrusions and runtime errors of computer programs, the cyber-security community has developed various detection techniques. Anomaly detection is an approach that is designed to profile the normal runtime behavior…

Cryptography and Security · Computer Science 2021-06-03 Byunggu Yu , Junwhan Kim

Deployed real-world machine learning applications are often subject to uncontrolled and even potentially malicious inputs. Those out-of-domain inputs can lead to unpredictable outputs and sometimes catastrophic safety issues. Prior studies…

Computation and Language · Computer Science 2022-05-23 Keyang Xu , Tongzheng Ren , Shikun Zhang , Yihao Feng , Caiming Xiong

Malware authors are continuously evolving their code base to include counter-analysis methods that can significantly hinder their detection and blocking. While the execution of malware in a sandboxed environment may provide a lot of…

Cryptography and Security · Computer Science 2022-04-11 Vasilis Vouvoutsis , Fran Casino , Constantinos Patsakis

Much software, whether beneficent or malevolent, is distributed only as binaries, sans source code. Absent source code, understanding binaries' behavior can be quite challenging, especially when compiled under higher levels of compiler…

Software Engineering · Computer Science 2021-09-20 Toufique Ahmed , Premkumar Devanbu , Anand Ashok Sawant

Automated analysis methods are crucial aids for monitoring and defending a network to protect the sensitive or confidential data it hosts. This work introduces a flexible, powerful, and unsupervised approach to detecting anomalous behavior…

Neural and Evolutionary Computing · Computer Science 2017-12-05 Aaron Tuor , Ryan Baerwolf , Nicolas Knowles , Brian Hutchinson , Nicole Nichols , Rob Jasper

Binary analysis of software is a critical step in cyber forensics applications such as program vulnerability assessment and malware detection. This involves interpreting instructions executed by software and often necessitates converting…

Cryptography and Security · Computer Science 2022-04-15 Dinuka Sahabandu , Sukarno Mertoguno , Radha Poovendran
‹ Prev 1 2 3 10 Next ›