English
Related papers

Related papers: SPARSE: Semantic Tracking and Path Analysis for At…

200 papers

Provenance analysis based on system audit data has emerged as a fundamental approach for investigating Advanced Persistent Threat (APT) attacks. Due to the high concealment and long-term persistence of APT attacks, they are only represented…

Cryptography and Security · Computer Science 2025-10-28 Qi Sheng

Although intrusion alerts can provide threat intelligence regarding attacker strategies, extracting such intelligence via existing tools is expensive and time-consuming. Earlier work has proposed SAGE, which generates attack graphs from…

Cryptography and Security · Computer Science 2023-10-23 Sònia Leal Díaz , Sergio Pastrana , Azqa Nadeem

Provenance graphs are useful and powerful tools for representing system-level activities in cybersecurity; however, existing approaches often struggle with complex queries and flexible reasoning. This paper presents a novel approach using…

Cryptography and Security · Computer Science 2025-01-27 Fang Li , Fei Zuo , Gopal Gupta

Advanced Persistent Threats (APTs) are a main impendence in cyber security of computer networks. In 2015, a successful breach remains undetected 146 days on average, reported by [Fi16].With our work we demonstrate a feasible and fast way to…

Databases · Computer Science 2018-02-02 Timo Schindler

Advanced Persistent Threats (APTs) are difficult to detect due to their complexity and stealthiness. To mitigate such attacks, many approaches model entities and their relationship using provenance graphs to detect the stealthy and…

Cryptography and Security · Computer Science 2026-01-06 Wenhao Yan , Ning An , Wei Qiao , Weiheng Wu , Bo Jiang , Zhigang Lu , Baoxu Liu , Junrong Liu

Multi-source logs provide a comprehensive overview of ongoing system activities, allowing for in-depth analysis to detect potential threats. A practical approach for threat detection involves explicit extraction of entity triples (subject,…

Software Engineering · Computer Science 2024-11-26 Zhuoran Tan , Christos Anagnostopoulos , Shameem P. Parambath , Jeremy Singer

Advanced Persistent Threat (APT) have grown increasingly complex and concealed, posing formidable challenges to existing Intrusion Detection Systems in identifying and mitigating these attacks. Recent studies have incorporated graph…

Cryptography and Security · Computer Science 2025-09-18 Wenhan Jiang , Tingting Chai , Hongri Liu , Kai Wang , Hongke Zhang

Advanced persistent threats (APT) are stealthy cyber-attacks that are aimed at stealing valuable information from target organizations and tend to extend in time. Blocking all APTs is impossible, security experts caution, hence the…

Cryptography and Security · Computer Science 2021-05-24 Sidahmed Benabderrahmane , Ghita Berrada , James Cheney , Petko Valtchev

Attack graphs (AG) are used to assess pathways availed by cyber adversaries to penetrate a network. State-of-the-art approaches for AG generation focus mostly on deriving dependencies between system vulnerabilities based on network scans…

Cryptography and Security · Computer Science 2021-10-15 Azqa Nadeem , Sicco Verwer , Shanchieh Jay Yang

Today, human security analysts collapse under the sheer volume of alerts they have to triage during investigations. The inability to cope with this load, coupled with a high false positive rate of alerts, creates alert fatigue. This results…

Cryptography and Security · Computer Science 2021-03-29 Florian Wilkens , Felix Ortmann , Steffen Haas , Matthias Vallentin , Mathias Fischer

Cyber security is one of the most significant technical challenges in current times. Detecting adversarial activities, prevention of theft of intellectual properties and customer data is a high priority for corporations and government…

Databases · Computer Science 2015-03-04 Sutanay Choudhury , Lawrence Holder , George Chin , Khushbu Agarwal , John Feo

APT (Advanced Persistent Threat) with the characteristics of persistence, stealth, and diversity is one of the greatest threats against cyber-infrastructure. As a countermeasure, existing studies leverage provenance graphs to capture the…

Cryptography and Security · Computer Science 2024-09-12 Mingqi Lv , HongZhe Gao , Xuebo Qiu , Tieming Chen , Tiantian Zhu , Jinyin Chen , Shouling Ji

In Advanced Persistent Threat (APT) attacks, achieving stealthy persistence within target systems is often crucial for an attacker's success. This persistence allows adversaries to maintain prolonged access, often evading detection…

Cryptography and Security · Computer Science 2026-05-14 Qi Liu , Muhammad Shoaib , Mati Ur Rehman , Kaibin Bao , Veit Hagenmeyer , Wajih Ul Hassan

Previous works on the CERT insider threat detection case have neglected graph and text features despite their relevance to describe user behavior. Additionally, existing systems heavily rely on feature engineering and audit data aggregation…

Machine Learning · Computer Science 2020-07-15 Mathieu Garchery , Michael Granitzer

The rise of advanced persistent threats (APTs) has marked a significant cybersecurity challenge, characterized by sophisticated orchestration, stealthy execution, extended persistence, and targeting valuable assets across diverse sectors.…

Cryptography and Security · Computer Science 2024-04-19 Yuntao Wang , Han Liu , Zhendong Li , Zhou Su , Jiliang Li

Cyber supply chain, encompassing digital asserts, software, hardware, has become an essential component of modern Information and Communications Technology (ICT) provisioning. However, the growing inter-dependencies have introduced numerous…

Cryptography and Security · Computer Science 2025-04-04 Zhuoran Tan , Christos Anagnostopoulos , Jeremy Singer

Analysing correlations between streams of events is an important problem. It arises for example in Neurosciences, when the connectivity of neurons should be inferred from spike trains that record neurons' individual spiking activity. While…

Neurons and Cognition · Quantitative Biology 2021-08-11 Krempl , Georg , Kottke , Daniel , Pham Minh , Tuan

Attack paths are the potential chain of malicious activities an attacker performs to compromise network assets and acquire privileges through exploiting network vulnerabilities. Attack path analysis helps organizations to identify…

Cryptography and Security · Computer Science 2023-11-30 Houssem Jmal , Firas Ben Hmida , Nardine Basta , Muhammad Ikram , Mohamed Ali Kaafar , Andy Walker

Recent research in both academia and industry has validated the effectiveness of provenance graph-based detection for advanced cyber attack detection and investigation. However, analyzing large-scale provenance graphs often results in…

Cryptography and Security · Computer Science 2024-07-11 Zhenyuan Li , Yangyang Wei , Xiangmin Shen , Lingzhi Wang , Yan Chen , Haitao Xu , Shouling Ji , Fan Zhang , Liang Hou , Wenmao Liu , Xuhong Zhang , Jianwei Ying

We present ProvG-Searcher, a novel approach for detecting known APT behaviors within system security logs. Our approach leverages provenance graphs, a comprehensive graph representation of event logs, to capture and depict data provenance…

Cryptography and Security · Computer Science 2023-12-20 Enes Altinisik , Fatih Deniz , Husrev Taha Sencar
‹ Prev 1 2 3 10 Next ›