English
Related papers

Related papers: That Escalated Quickly: An ML Framework for Alert …

200 papers

Enterprise networks are growing ever larger with a rapidly expanding attack surface, increasing the volume of security alerts generated from security controls. Security Operations Centre (SOC) analysts triage these alerts to identify…

Cryptography and Security · Computer Science 2025-05-16 Melissa Turcotte , François Labrèche , Serge-Olivier Paquette

Security Operations Centers (SOCs) face mounting operational challenges. These challenges come from increasing threat volumes, heterogeneous SIEM platforms, and time-consuming manual triage workflows. We present an end-to-end threat…

Cryptography and Security · Computer Science 2026-05-01 Md Hasan Saju , Akramul Azim

Automated detection of cyber attacks is a critical capability to counteract the growing volume and sophistication of cyber attacks. However, the high numbers of security alerts issued by intrusion detection systems lead to alert fatigue…

Cryptography and Security · Computer Science 2026-02-09 Lukas Karner , Max Landauer , Markus Wurzenberger , Florian Skopik

We develop a queueing-theoretic framework to model the temporal evolution of cyber-attack surfaces, where the number of active vulnerabilities is represented as the backlog of a queue. Vulnerabilities arrive as they are discovered or…

Cryptography and Security · Computer Science 2026-04-17 Jihyeon Yun , Abdullah Yasin Etcibasi , Ming Shi , C. Emre Koksal

Existing fraud detection methods predominantly rely on transcribed text, suffering from ASR errors and missing crucial acoustic cues like vocal tone and environmental context. This limits their effectiveness against complex deceptive…

"Alert fatigue" is one of the biggest challenges faced by the Security Operations Center (SOC) today, with analysts spending more than half of their time reviewing false alerts. Endpoint detection products raise alerts by pattern matching…

Cryptography and Security · Computer Science 2024-05-09 Jonathan Oliver , Raghav Batta , Adam Bates , Muhammad Adil Inam , Shelly Mehta , Shugao Xia

Multi-tenant LLM serving frameworks widely adopt shared Key-Value caches to enhance efficiency. However, this creates side-channel vulnerabilities enabling prompt leakage attacks. Prior studies identified these attack surfaces yet focused…

Cryptography and Security · Computer Science 2026-02-25 Longxiang Wang , Xiang Zheng , Xuhao Zhang , Yao Zhang , Ye Wu , Cong Wang

Security operations centers face persistent alert fatigue: in low-prevalence streams, even low false-positive rates generate substantial investigation load, while aggregate F1 scores obscure analyst burden. We introduce PACT, a Pareto-aware…

Cryptography and Security · Computer Science 2026-05-22 Samuel Ndichu , Tao Ban , Seiichi Ozawa , Takeshi Takahashi , Daisuke Inoue

The lack of high-quality public cyber incident data limits empirical research and predictive modeling for cyber risk assessment. This challenge persists due to the reluctance of companies to disclose incidents that could damage their…

Risk Management · Quantitative Finance 2026-03-20 Jiayi Guo , Zhiyu Quan , Linfeng Zhang

Model-based offline reinforcement learning (RL) is a compelling approach that addresses the challenge of learning from limited, static data by generating imaginary trajectories using learned models. However, these approaches often struggle…

Machine Learning · Computer Science 2024-12-04 Kwanyoung Park , Youngwoon Lee

Large scale analytics engines have become a core dependency for modern data-driven enterprises to derive business insights and drive actions. These engines support a large number of analytic jobs processing huge volumes of data on a daily…

Databases · Computer Science 2024-01-03 Brandon Haynes , Rana Alotaibi , Anna Pavlenko , Jyoti Leeka , Alekh Jindal , Yuanyuan Tian

Security alert screening is the downstream task of filtering, prioritizing, correlating, and contextualizing alerts for analyst attention in Security Operations Centers. This survey reviews artificial-intelligence-driven alert screening and…

Cryptography and Security · Computer Science 2026-05-20 Samuel Ndichu , Tao Ban , Seiichi Ozawa , Takeshi Takahashi , Daisuke Inoue

Minimizing computational overhead in time-series classification, particularly in deep learning models, presents a significant challenge due to the high complexity of model architectures and the large volume of sequential data that must be…

Cryptography and Security · Computer Science 2025-08-28 Cagla Ipek Kocal , Onat Gungor , Tajana Rosing , Baris Aksanli

A popular approach to detect cyberattacks is to monitor systems in real-time to identify malicious activities as they occur. While these solutions aim to detect threats early, minimizing damage, they suffer from a significant challenge due…

Cryptography and Security · Computer Science 2025-04-23 Nikhilesh Singh , Chester Rebeiro

Many LLM applications require only narrow capabilities, yet standard post-training quantization (PTQ) methods allocate precision without considering the target task. This can waste bits on layers that are less relevant to the task signal…

Computation and Language · Computer Science 2026-05-19 Amit LeVi , Raz Lapid , Rom Himelstein , Chaim Baskin , Ravid Shwartz Ziv , Avi Mendelson

To tackle the huge computational demand of large foundation models, activation-aware compression techniques without retraining have been introduced. However, since these methods highly rely on calibration data, domain shift issues may arise…

Machine Learning · Computer Science 2026-03-25 Toshiaki Koike-Akino , Jing Liu , Ye Wang

Security Operations Centers (SOCs) are overwhelmed by tens of thousands of daily alerts, with only a small fraction corresponding to genuine attacks. This overload creates alert fatigue, leading to overlooked threats and analyst burnout.…

Computation and Language · Computer Science 2025-10-02 Bowen Wei , Yuan Shen Tay , Howard Liu , Jinhao Pan , Kun Luo , Ziwei Zhu , Chris Jordan

Securing enterprise networks presents challenges in terms of both their size and distributed structure. Data required to detect and characterize malicious activities may be diffused and may be located across network and endpoint devices.…

This study evaluates the application of predictive analytics for real-time cyber-attack detection and response, focusing on how statistical and machine learning methods can improve decision-making in Security Operations Centers (SOCs).…

Cryptography and Security · Computer Science 2025-09-03 Muhammad Danish

Traditional security detection methods face three key challenges: inadequate data collection that misses critical security events, resource-intensive monitoring systems, and poor detection algorithms with high false positive rates. We…

Cryptography and Security · Computer Science 2025-06-06 Limin Wang , Lei Bu , Muzimiao Zhang , Shihong Cang , Kai Ye
‹ Prev 1 2 3 10 Next ›