English
Related papers

Related papers: Enabling Efficient Attack Investigation via Human-…

200 papers

Provenance analysis (PA) has recently emerged as an important solution for cyber attack investigation. PA leverages system monitoring to monitor system activities as a series of system audit events and organizes these events as a provenance…

Cryptography and Security · Computer Science 2025-10-31 Fei Shao , Jia Zou , Zhichao Cao , Xusheng Xiao

We introduce PROVSEEK, an LLM-powered agentic framework for automated provenance-driven forensic analysis and threat intelligence extraction. PROVSEEK employs specialized toolchains to dynamically retrieve relevant context by generating…

Cryptography and Security · Computer Science 2025-11-18 Kunal Mukherjee , Murat Kantarcioglu

Advanced Persistent Threats (APTs) pose critical challenges to modern cybersecurity due to their multi-stage and stealthy nature. While provenance-based detection approaches show promise in capturing causal attack semantics, current threat…

Cryptography and Security · Computer Science 2026-03-11 Wenhao Yan , Ning An , Linxu Li , Bingsheng Bi , Bo Jiang , Zhigang Lu , Baoxu Liu , Junrong Liu , Cong Dong

Kernel audit logs are an invaluable source of information in the forensic investigation of a cyber-attack. However, the coarse granularity of dependency information in audit logs leads to the construction of huge attack graphs which contain…

Cryptography and Security · Computer Science 2018-10-16 Sadegh M. Milajerdi , Birhanu Eshete , Rigel Gjomemo , V. N. Venkatakrishnan

The need for countering Advanced Persistent Threat (APT) attacks has led to the solutions that ubiquitously monitor system activities in each enterprise host, and perform timely attack investigation over the monitoring data for uncovering…

Cryptography and Security · Computer Science 2019-03-20 Peng Gao , Xusheng Xiao , Zhichun Li , Kangkook Jee , Fengyuan Xu , Sanjeev R. Kulkarni , Prateek Mittal

Intrusion detection is an arms race; attackers evade intrusion detection systems by developing new attack vectors to sidestep known defense mechanisms. Provenance provides a detailed, structured history of the interactions of digital…

Cryptography and Security · Computer Science 2018-06-05 Xueyuan Han , Thomas Pasquier , Margo Seltzer

Modern cyber attackers use advanced zero-day exploits, highly targeted spear phishing, and other social engineering techniques to gain access and also use evasion techniques to maintain a prolonged presence within the victim network while…

Cryptography and Security · Computer Science 2023-10-03 Bibek Bhattarai , H. Howie Huang

The need for countering Advanced Persistent Threat (APT) attacks has led to the solutions that ubiquitously monitor system activities in each host, and perform timely attack investigation over the monitoring data for analyzing attack…

Cryptography and Security · Computer Science 2018-06-08 Peng Gao , Xusheng Xiao , Zhichun Li , Kangkook Jee , Fengyuan Xu , Sanjeev R. Kulkarni , Prateek Mittal

Advanced Persistent Threats (APTs) remain difficult to detect due to their stealthy nature and long-term persistence. To tackle this challenge, provenance-based threat hunting has gained traction as a proactive defense mechanism. This…

Cryptography and Security · Computer Science 2026-03-23 Xuebo Qiu , Mingqi Lv , Yimei Zhang , Tiantian Zhu , Tieming Chen

In cybersecurity, security analysts constantly face the challenge of mitigating newly discovered vulnerabilities in real-time, with over 300,000 vulnerabilities identified since 1999. The sheer volume of known vulnerabilities complicates…

Cryptography and Security · Computer Science 2026-01-26 Reza Fayyazi , Stella Hoyos Trueba , Michael Zuzak , Shanchieh Jay Yang

The rise of advanced persistent threats (APTs) has marked a significant cybersecurity challenge, characterized by sophisticated orchestration, stealthy execution, extended persistence, and targeting valuable assets across diverse sectors.…

Cryptography and Security · Computer Science 2024-04-19 Yuntao Wang , Han Liu , Zhendong Li , Zhou Su , Jiliang Li

The system prompt in Large Language Models (LLMs) plays a pivotal role in guiding model behavior and response generation. Often containing private configuration details, user roles, and operational instructions, the system prompt has become…

Cryptography and Security · Computer Science 2025-06-02 Badhan Chandra Das , M. Hadi Amini , Yanzhao Wu

Advanced Persistent Threats (APTs) are prolonged, stealthy intrusions by skilled adversaries that compromise high-value systems to steal data or disrupt operations. Reconstructing complete attack chains from massive, heterogeneous logs is…

Cryptography and Security · Computer Science 2025-09-03 Rujie Dai , Peizhuo Lv , Yujiang Gui , Qiujian Lv , Yuanyuan Qiao , Yan Wang , Degang Sun , Weiqing Huang , Yingjiu Li , XiaoFeng Wang

Modern data analysis requires speed for massive datasets. Progressive Data Analysis and Visualization (PDAV) emerged as a discipline to address this problem, providing fast response times while maintaining interactivity with controlled…

Human-Computer Interaction · Computer Science 2026-04-03 Matteo Filosa , Graziano Blasilli , Emilio Martino , Marco Angelini

Identifying the root cause and impact of a system intrusion remains a foundational challenge in computer security. Digital provenance provides a detailed history of the flow of information within a computing system, connecting suspicious…

Cryptography and Security · Computer Science 2018-08-28 Thomas Pasquier , Xueyuan Han , Thomas Moyer , Adam Bates , Olivier Hermant , David Eyers , Jean Bacon , Margo Seltzer

Analytic software tools and workflows are increasing in capability, complexity, number, and scale, and the integrity of our workflows is as important as ever. Specifically, we must be able to inspect the process of analytic workflows to…

Artificial Intelligence · Computer Science 2020-11-10 Scott Friedman , Jeff Rye , David LaVergne , Dan Thomsen , Matthew Allen , Kyle Tunis

Enterprises are constantly under attack from sophisticated adversaries. These adversaries use a variety of techniques to first gain access to the enterprise, then spread laterally inside its networks, establish persistence, and finally…

Cryptography and Security · Computer Science 2024-06-14 Sumanth Rao

The integration of large language models (LLMs) into a wide range of applications has highlighted the critical role of well-crafted system prompts, which require extensive testing and domain expertise. These prompts enhance task performance…

Cryptography and Security · Computer Science 2026-04-30 Zhixiong Zhuang , Maria-Irina Nicolae , Hui-Po Wang , Mario Fritz

Large Language Model-based systems (LLM systems) are information and query processing systems that use LLMs to plan operations from natural-language prompts and feed the output of each successive step into the LLM to plan the next. This…

Cryptography and Security · Computer Science 2024-10-11 Fangzhou Wu , Ethan Cecchetti , Chaowei Xiao

The advent of large language models (LLMs) has revolutionized the field of text generation, producing outputs that closely mimic human-like writing. Although academic and industrial institutions have developed detectors to prevent the…

Machine Learning · Computer Science 2025-02-25 Tianchun Wang , Yuanzhou Chen , Zichuan Liu , Zhanwen Chen , Haifeng Chen , Xiang Zhang , Wei Cheng
‹ Prev 1 2 3 10 Next ›