
Related papers: Forecasting Attacker Actions using Alert-driven At…

200 papers

Attack graphs (AG) are used to assess pathways availed by cyber adversaries to penetrate a network. State-of-the-art approaches for AG generation focus mostly on deriving dependencies between system vulnerabilities based on network scans…

Cryptography and Security · Computer Science 2021-10-15 Azqa Nadeem, Sicco Verwer, Shanchieh Jay Yang

Attack graphs (AGs) are graphical tools to analyze the security of computer networks. By connecting the exploitation of individual vulnerabilities, AGs expose possible multi-step attacks against target networks, allowing system…

Cryptography and Security · Computer Science 2025-08-19 Ming Li, John Hale

Although intrusion alerts can provide threat intelligence regarding attacker strategies, extracting such intelligence via existing tools is expensive and time-consuming. Earlier work has proposed SAGE, which generates attack graphs from…

Cryptography and Security · Computer Science 2023-10-23 Sònia Leal Díaz, Sergio Pastrana, Azqa Nadeem

Attack Graph (AG) represents the best-suited solution to support cyber risk assessment for multi-step attacks on computer networks, although their generation suffers from poor scalability due to their combinatorial complexity. Current…

Cryptography and Security · Computer Science 2024-09-10 Alessandro Palma, Marco Angelini

Advanced Persistent Threats (APTs) are a main impendence in cyber security of computer networks. In 2015, a successful breach remains undetected 146 days on average, reported by [Fi16]. With our work we demonstrate a feasible and fast way to…

Databases · Computer Science 2018-02-02 Timo Schindler

Detecting and responding to cyber attacks is increasingly difficult as high-volume, complex network traffic allows threats to remain concealed. While Intrusion Detection Systems (IDSs) identify anomalous behavior, Attack Graphs (AGs) serve…

Cryptography and Security · Computer Science 2026-03-10 Andrea Agiollo, Enkeleda Bardhi, Alessandro Palma, Riccardo Lazzeretti, Silvia Bonomi, Fernando Kuipers

The premise of automated alert correlation is to accept that false alerts from a low level intrusion detection system are inevitable and use attack models to explain the output in an understandable way. Several algorithms exist for this…

Artificial Intelligence · Computer Science 2010-07-05 Gianni Tedesco, Uwe Aickelin

Attack graphs are a powerful tool for security risk assessment by analysing network vulnerabilities and the paths attackers can use to compromise network resources. The uncertainty about the attacker's behaviour makes Bayesian networks…

Cryptography and Security · Computer Science 2016-11-07 Luis Muñoz-González, Daniele Sgandurra, Martín Barrère, Emil Lupu

With the advancement of IoT technology, many electronic devices are interconnected through networks, communicating with each other and performing specific roles. However, as numerous devices join networks, the threat of cyberattacks also…

Cryptography and Security · Computer Science 2023-11-28 Sangbeom Park, Jaesung Lee, Jeong Do Yoo, Min Geun Song, Hyosun Lee, Jaewoong Choi, Chaeyeon Sagong, Huy Kang Kim

This study evaluates the application of predictive analytics for real-time cyber-attack detection and response, focusing on how statistical and machine learning methods can improve decision-making in Security Operations Centers (SOCs).…

Cryptography and Security · Computer Science 2025-09-03 Muhammad Danish

Advanced Persistent Threats (APTs) are sophisticated multi-step attacks, planned and executed by skilled adversaries targeting modern government and enterprise networks. Intrusion Detection Systems (IDSs) and User and Entity Behavior…

Cryptography and Security · Computer Science 2021-01-08 Hazem M. Soliman, Geoff Salmon, Dušan Sovilj, Mohan Rao

We implemented and evaluated an automated cyber defense agent. The agent takes security alerts as input and uses reinforcement learning to learn a policy for executing predefined defensive measures. The defender policies were trained in an…

Cryptography and Security · Computer Science 2023-04-24 Jakob Nyberg, Pontus Johnson

Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can…

Information Retrieval · Computer Science 2026-01-27 Nikolaos Polatidis, Elias Pimenidis, Michalis Pavlidis, Spyridon Papastergiou, Haralambos Mouratidis

Today, human security analysts collapse under the sheer volume of alerts they have to triage during investigations. The inability to cope with this load, coupled with a high false positive rate of alerts, creates alert fatigue. This results…

Cryptography and Security · Computer Science 2021-03-29 Florian Wilkens, Felix Ortmann, Steffen Haas, Matthias Vallentin, Mathias Fischer

Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to…

Cryptography and Security · Computer Science 2023-07-27 Simon Unger, Ektor Arzoglou, Markus Heinrich, Dirk Scheuermann, Stefan Katzenbeisser

As cyber threats grow increasingly sophisticated, reinforcement learning (RL) is emerging as a promising technique to create intelligent and adaptive cyber defense systems. However, most existing autonomous defensive agents have overlooked…

Machine Learning · Computer Science 2025-04-17 Ilya Orson Sandoval, Isaac Symes Thompson, Vasilios Mavroudis, Chris Hicks

To defend against Advanced Persistent Threats on the endpoint, threat hunting employs security knowledge such as cyber threat intelligence to continuously analyze system audit logs through retrospective scanning, querying, or pattern…

Cryptography and Security · Computer Science 2025-08-11 Mingjun Ma, Tiantian Zhu, Shuang Li, Tieming Chen, Mingqi Lv, Zhengqiu Weng, Guolang Chen

This paper presents PULSAR, a framework for pre-empting Advanced Persistent Threats (APTs). PULSAR employs a probabilistic graphical model (specifically a Factor Graph) to infer the time evolution of an attack based on observed security…

Cryptography and Security · Computer Science 2019-03-22 Phuong Cao

Intrusion detection is only a starting step in securing IT infrastructure. Prediction of intrusions is the next step to provide an active defense against incoming attacks. Current intrusion prediction methods focus mainly on prediction of…

Cryptography and Security · Computer Science 2016-10-25 Udaya Sampath K. Perera Miriya Thanthrige, Jagath Samarabandu, Xianbin Wang

The ever-evolving capabilities of cyber attackers force security administrators to focus on the early identification of emerging threats. Targeted cyber attacks usually consist of several phases, from initial reconnaissance of the network…

Cryptography and Security · Computer Science 2022-06-22 Lukáš Sadlek, Pavel Čeleda, Daniel Tovarňák