English
Related papers

Related papers: Forecasting Attacker Actions using Alert-driven At…

200 papers

The rise of advanced persistent threats (APTs) has marked a significant cybersecurity challenge, characterized by sophisticated orchestration, stealthy execution, extended persistence, and targeting valuable assets across diverse sectors.…

Cryptography and Security · Computer Science 2024-04-19 Yuntao Wang , Han Liu , Zhendong Li , Zhou Su , Jiliang Li

Advanced Persistent Threat (APT) attacks have caused significant damage worldwide. Various Endpoint Detection and Response (EDR) systems are deployed by enterprises to fight against potential threats. However, EDR suffers from high false…

Cryptography and Security · Computer Science 2024-05-07 Tiantian Zhu , Jie Ying , Tieming Chen , Chunlin Xiong , Wenrui Cheng , Qixuan Yuan , Aohan Zheng , Mingqi Lv , Yan Chen

Early detection of network intrusions and cyber threats is one of the main pillars of cybersecurity. One of the most effective approaches for this purpose is to analyze network traffic with the help of artificial intelligence algorithms,…

Cryptography and Security · Computer Science 2024-02-13 Giacomo Zonneveld , Lorenzo Principi , Marco Baldi

Artificial Intelligence (AI) agents can now orchestrate cyberattacks. This development is already increasing the speed and scale of cyber attacks, decreasing attack costs, and improving the operational autonomy of cyber capabilities. To…

Computers and Society · Computer Science 2026-05-22 Matt Mittelsteadt , Jam Kraprayoon , Robin Staes-Polet , Oskar Galeev , Jan Wehner , Christopher Covino , Shaun Ee

Deep reinforcement learning (RL) is emerging as a viable strategy for automated cyber defense (ACD). The traditional RL approach represents networks as a list of computers in various states of safety or threat. Unfortunately, these models…

Machine Learning · Computer Science 2025-09-22 Isaiah J. King , Benjamin Bowman , H. Howie Huang

Multi Agent Path Finding (MAPF) is critical for coordinating multiple robots in shared environments, yet robust execution of generated plans remains challenging due to operational uncertainties. The Action Dependency Graph (ADG) framework…

Multiagent Systems · Computer Science 2024-12-03 Joachim Dunkel

Attack paths are the potential chain of malicious activities an attacker performs to compromise network assets and acquire privileges through exploiting network vulnerabilities. Attack path analysis helps organizations to identify…

Cryptography and Security · Computer Science 2023-11-30 Houssem Jmal , Firas Ben Hmida , Nardine Basta , Muhammad Ikram , Mohamed Ali Kaafar , Andy Walker

Incorporating advanced information and communication technologies into smart grids (SGs) offers substantial operational benefits while increasing vulnerability to cyber threats like false data injection (FDI) attacks. Current SG attack…

Computational Engineering, Finance, and Science · Computer Science 2024-11-08 Nur Imtiazul Haque , Prabin Mali , Mohammad Zakaria Haider , Mohammad Ashiqur Rahman , Sumit Paudyal

While the adoption of Service-Oriented Architectures (SOA) eases the implementation of features such as autonomous driving and over-the-air updates, it also increases the vehicle's exposure to attacks that may place road-users in harm. To…

Logic in Computer Science · Computer Science 2022-12-26 Yuri Gil Dantas , Simon Barner , Pei Ke , Vivek Nigam , Ulrich Schoepp

Traditional threat modeling occurs during design, but cloud deployments introduce unanticipated threats, especially multi-stage attacks chaining vulnerabilities across trust boundaries. Existing security tools analyze components in…

Cryptography and Security · Computer Science 2026-03-25 Nicholas Pecka , Lotfi Ben Othmane , Bharat Bhargava , Renee Bryce

Advanced Persistent Threats (APTs) evolve through multiple stages, each exhibiting distinct temporal and structural behaviors. Accurate stage estimation is critical for enabling adaptive cyber defense. This paper presents StageFinder, a…

Cryptography and Security · Computer Science 2026-05-06 Trung V. Phan , Thomas Bauschert

Graph knowledge models and ontologies are very powerful modeling and re asoning tools. We propose an effective approach to model network attacks and attack prediction which plays important roles in security management. The goals of this…

Artificial Intelligence · Computer Science 2013-04-04 Ahmad Salahi , Morteza Ansarinia

Network intrusion detection sensors are usually built around low level models of network traffic. This means that their output is of a similarly low level and as a consequence, is difficult to analyze. Intrusion alert correlation is the…

Cryptography and Security · Computer Science 2010-07-05 Gianni Tedesco , Uwe Aickelin

Graph Neural Networks (GNNs) have shown significant promise in various domains, such as recommendation systems, bioinformatics, and network analysis. However, the irregularity of graph data poses unique challenges for efficient computation,…

Machine Learning · Computer Science 2024-11-26 Pol Puigdemont , Enrico Russo , Axel Wassington , Abhijit Das , Sergi Abadal , Maurizio Palesi

Advanced Persistent Threats (APTs) represent a growing menace to modern digital infrastructure. Unlike traditional cyberattacks, APTs are stealthy, adaptive, and long-lasting, often bypassing signature-based detection systems. This paper…

Cryptography and Security · Computer Science 2025-08-27 Sidahmed Benabderrahmane , Talal Rahwan

Provenance analysis based on system audit data has emerged as a fundamental approach for investigating Advanced Persistent Threat (APT) attacks. Due to the high concealment and long-term persistence of APT attacks, they are only represented…

Cryptography and Security · Computer Science 2025-10-28 Qi Sheng

Automated cyber defense (ACD) seeks to protect computer networks with minimal or no human intervention, reacting to intrusions by taking corrective actions such as isolating hosts, resetting services, deploying decoys, or updating access…

Machine Learning · Computer Science 2026-01-12 Yu Li , Sizhe Tang , Rongqian Chen , Fei Xu Yu , Guangyu Jiang , Mahdi Imani , Nathaniel D. Bastian , Tian Lan

Active Directory (AD) is the default security management system for Windows domain networks. An AD environment naturally describes an attack graph where nodes represent computers/accounts/security groups, and edges represent existing…

Cryptography and Security · Computer Science 2022-12-09 Mingyu Guo , Max Ward , Aneta Neumann , Frank Neumann , Hung Nguyen

Static code analysis (SCA) tools are widely used as effective ways to detect bugs and vulnerabilities in software systems. However, the reports generated by these tools often contain a large number of non-actionable findings, which can…

Software Engineering · Computer Science 2026-04-21 Tamás Aladics , Norbert Vándor , Rudolf Ferenc , Péter Hegedűs

Intrusion Detection and Prevention Systems (IDS/IPS) in large enterprises can generate hundreds of thousands of alerts per hour, overwhelming analysts with logs requiring rapidly evolving expertise. Conventional machine-learning detectors…

Cryptography and Security · Computer Science 2026-02-10 Francesco Blefari , Cristian Cosentino , Francesco Aurelio Pironti , Angelo Furfaro , Fabrizio Marozzo