English
Related papers

Related papers: TapTree: Process-Tree Based Host Behavior Modeling…

200 papers

APT, known as Advanced Persistent Threat, is a difficult challenge for cyber defence. These threats make many traditional defences ineffective as the vulnerabilities exploited by these threats are insiders who have access to and are within…

Cryptography and Security · Computer Science 2021-09-01 Mohammad Mamun , Kevin Shi

Network trace signature matching is one reliable approach to detect active Remote Control Trojan, (RAT). Compared to statistical-based detection of malicious network traces in the face of known RATs, the signature-based method can achieve…

Cryptography and Security · Computer Science 2021-04-07 Cong Dong , Zhigang Lu , Zelin Cui , Baoxu Liu , Kai Chen

Advanced persistent threats (APT) are stealthy cyber-attacks that are aimed at stealing valuable information from target organizations and tend to extend in time. Blocking all APTs is impossible, security experts caution, hence the…

Cryptography and Security · Computer Science 2021-05-24 Sidahmed Benabderrahmane , Ghita Berrada , James Cheney , Petko Valtchev

Cyber threat hunting is the practice of proactively searching for latent threats in a network. Engaging in threat hunting can be difficult due to the volume of network traffic, variety of adversary techniques, and constantly evolving…

Cryptography and Security · Computer Science 2025-03-10 Matthew J. Turner , Mike Carenzo , Jackie Lasky , James Morris-King , James Ross

Kernel audit logs are an invaluable source of information in the forensic investigation of a cyber-attack. However, the coarse granularity of dependency information in audit logs leads to the construction of huge attack graphs which contain…

Cryptography and Security · Computer Science 2018-10-16 Sadegh M. Milajerdi , Birhanu Eshete , Rigel Gjomemo , V. N. Venkatakrishnan

This paper proposes an approach to analyze an event log of a business process in order to generate case-level recommendations of treatments that maximize the probability of a given outcome. Users classify the attributes in the event log…

Machine Learning · Computer Science 2020-09-04 Zahra Dasht Bozorgi , Irene Teinemaa , Marlon Dumas , Marcello La Rosa , Artem Polyvyanyy

Attack Trees are a graphical model of security used to study threat scenarios. While visually appealing and supported by solid theories and effective tools, one of their main drawbacks remains the amount of effort required by security…

Cryptography and Security · Computer Science 2024-09-13 Alyzia-Maria Konsta , Gemma Di Federico , Alberto Lluch Lafuente , Andrea Burattin

Analysis of an organization's computer network activity is a key component of early detection and mitigation of insider threat, a growing concern for many organizations. Raw system logs are a prototypical example of streaming data that can…

Neural and Evolutionary Computing · Computer Science 2017-12-19 Aaron Tuor , Samuel Kaplan , Brian Hutchinson , Nicole Nichols , Sean Robinson

Process mining techniques including process discovery, conformance checking, and process enhancement provide extensive knowledge about processes. Discovering running processes and deviations as well as detecting performance problems and…

Other Computer Science · Computer Science 2021-08-05 Mahsa Pourbafrani , Shuai Jiao , Wil M. P. van der Aalst

Industrial plants are prone to faults. To notify the operator of a fault occurrence, alarms are utilized as a basic part of modern computer-controlled plants. However, due to the interconnections of different parts of a plant, a single…

Databases · Computer Science 2020-05-05 Amir Neshastegaran , Ali Norouzifar , Iman Izadi

Understanding the modus operandi of adversaries aids organizations in employing efficient defensive strategies and sharing intelligence in the community. This knowledge is often present in unstructured natural language text within threat…

Cryptography and Security · Computer Science 2024-09-24 Nanda Rani , Bikash Saha , Vikas Maurya , Sandeep Kumar Shukla

Insider threat is one of the most pernicious threat vectors to information and communication technologies (ICT)across the world due to the elevated level of trust and access that an insider is afforded. This type of threat can stem from…

Cryptography and Security · Computer Science 2021-02-11 Nidhi Rastogi , Qicheng Ma

With the ever-changing landscape of cyber threats, identifying their origin has become paramount, surpassing the simple task of attack classification. Cyber threat attribution gives security analysts the insights they need to device…

Cryptography and Security · Computer Science 2025-09-16 Rimsha Kanwal , Umara Noor , Zafar Iqbal , Zahid Rashid

Modern enterprise networks comprise diverse and heterogeneous systems that support a wide range of services, making it challenging for administrators to track and analyze sophisticated attacks such as advanced persistent threats (APTs),…

Cryptography and Security · Computer Science 2025-11-13 Seunghyeon Lee , Hyunmin Seo , Hwanjo Heo , Anduo Wang , Seungwon Shin , Jinwoo Kim

Process mining techniques focus on extracting insight in processes from event logs. In many cases, events recorded in the event log are too fine-grained, causing process discovery algorithms to discover incomprehensible process models or…

Machine Learning · Computer Science 2017-12-20 Niek Tax , Natalia Sidorova , Reinder Haakma , Wil M. P. van der Aalst

As Advanced Persistent Threats (APTs) grow increasingly sophisticated, the demand for effective detection methods has intensified. This study addresses the challenge of identifying APT campaign attacks through system event logs. A cascading…

Cryptography and Security · Computer Science 2024-10-31 Yi-Ting Huang , Ying-Ren Guo , Guo-Wei Wong , Meng Chang Chen

In modern IT systems and computer networks, real-time and offline event log analysis is a crucial part of cyber security monitoring. In particular, event log analysis techniques are essential for the timely detection of cyber attacks and…

Cryptography and Security · Computer Science 2025-04-15 Risto Vaarandi , Hayretdin Bahsi

Provenance analysis based on system audit data has emerged as a fundamental approach for investigating Advanced Persistent Threat (APT) attacks. Due to the high concealment and long-term persistence of APT attacks, they are only represented…

Cryptography and Security · Computer Science 2025-10-28 Qi Sheng

Process mining focuses on the analysis of recorded event data in order to gain insights about the true execution of business processes. While foundational process mining techniques treat such data as sequences of abstract events, more…

Computation and Language · Computer Science 2021-03-23 Adrian Rebmann , Han van der Aa

End-point monitoring solutions are widely deployed in today's enterprise environments to support advanced attack detection and investigation. These monitors continuously record system-level activities as audit logs and provide deep…

Cryptography and Security · Computer Science 2026-02-16 Hao Zhang , Shuo Shao , Song Li , Zhenyu Zhong , Yan Liu , Zhan Qin
‹ Prev 1 2 3 10 Next ›