English
Related papers

Related papers: On Technique Identification and Threat-Actor Attri…

200 papers

This work evaluates the performance of Cyber Threat Intelligence (CTI) extraction methods in identifying attack techniques from threat reports available on the web using the MITRE ATT&CK framework. We analyse four configurations utilising…

Cryptography and Security · Computer Science 2025-05-07 Hoang Cuong Nguyen , Shahroz Tariq , Mohan Baruwal Chhetri , Bao Quoc Vo

The volume, variety, and velocity of change in vulnerabilities and exploits have made incident threat analysis challenging with human expertise and experience along. Tactics, Techniques, and Procedures (TTPs) are to describe how and why…

Artificial Intelligence · Computer Science 2023-08-24 Reza Fayyazi , Shanchieh Jay Yang

Cyber-attack attribution is an important process that allows experts to put in place attacker-oriented countermeasures and legal actions. The analysts mainly perform attribution manually, given the complex nature of this task. AI and, more…

Cryptography and Security · Computer Science 2024-08-12 Pritam Deka , Sampath Rajapaksha , Ruby Rani , Amirah Almutairi , Erisa Karafili

Over the last years, threat intelligence sharing has steadily grown, leading cybersecurity professionals to access increasingly larger amounts of heterogeneous data. Among those, cyber attacks' Tactics, Techniques and Procedures (TTPs) have…

Cryptography and Security · Computer Science 2020-04-30 Valentine Legoy , Marco Caselli , Christin Seifert , Andreas Peter

Extracting MITRE ATT\&CK Tactics, Techniques, and Procedures (TTPs) from natural language threat reports is crucial yet challenging. Existing methods primarily focus on performance metrics using data-driven approaches, often neglecting…

Cryptography and Security · Computer Science 2025-05-15 Cheng Meng , ZhengWei Jiang , QiuYun Wang , XinYi Li , ChunYan Ma , FangMing Dong , FangLi Ren , BaoXu Liu

With the ever-changing landscape of cyber threats, identifying their origin has become paramount, surpassing the simple task of attack classification. Cyber threat attribution gives security analysts the insights they need to device…

Cryptography and Security · Computer Science 2025-09-16 Rimsha Kanwal , Umara Noor , Zafar Iqbal , Zahid Rashid

Advanced Persistent Threat (APT) attribution is a critical challenge in cybersecurity and implies the process of accurately identifying the perpetrators behind sophisticated cyber attacks. It can significantly enhance defense mechanisms and…

Cryptography and Security · Computer Science 2024-10-08 Nanda Rani , Bikash Saha , Sandeep Kumar Shukla

Tactics, Techniques, and Procedures (TTPs) outline the methods attackers use to exploit vulnerabilities. The interpretation of TTPs in the MITRE ATT&CK framework can be challenging for cybersecurity practitioners due to presumed expertise…

Cryptography and Security · Computer Science 2025-10-09 Reza Fayyazi , Rozhina Taghdimi , Shanchieh Jay Yang

The current state of Advanced Persistent Threats (APT) attribution primarily relies on time-consuming manual processes. These include mapping incident artifacts onto threat attribution frameworks and employing expert reasoning to uncover…

Cryptography and Security · Computer Science 2024-09-26 Nanda Rani , Bikash Saha , Vikas Maurya , Sandeep Kumar Shukla

Cyber threat attribution is the process of identifying the actor of an attack incident in cyberspace. An accurate and timely threat attribution plays an important role in deterring future attacks by applying appropriate and timely defense…

Cryptography and Security · Computer Science 2023-07-21 Umara Noor , Sawera Shahid , Rimsha Kanwal , Zahid Rashid

Effective attribution of Advanced Persistent Threats (APTs) increasingly hinges on the ability to correlate behavioral patterns and reason over complex, varied threat intelligence artifacts. We present AURA (Attribution Using…

Cryptography and Security · Computer Science 2025-06-13 Nanda Rani , Sandeep Kumar Shukla

Machine learning (ML) underpins foundation models in finance, healthcare, and critical infrastructure, making them targets for data poisoning, model extraction, prompt injection, automated jailbreaking, and preference-guided black-box…

Cryptography and Security · Computer Science 2025-12-30 Armstrong Foundjem , Lionel Nganyewou Tidjon , Leuson Da Silva , Foutse Khomh

In the era of generative AI, the widespread adoption of Neural Text Generators (NTGs) presents new cybersecurity challenges, particularly within the realms of Digital Forensics and Incident Response (DFIR). These challenges primarily…

Cryptography and Security · Computer Science 2024-10-23 Avanti Bhandarkar , Ronald Wilson , Anushka Swarup , Mengdi Zhu , Damon Woodard

Adversaries continuously evolve their tactics, techniques, and procedures (TTPs) to achieve their objectives while evading detection, requiring defenders to continually update their understanding of adversary behavior. Prior research has…

Software Engineering · Computer Science 2026-04-06 Mahzabin Tamanna , Shaswata Mitra , Md Erfan , Ahmed Ryan , Sudip Mittal , Laurie Williams , Md Rayhanur Rahman

Attribution theory explains how individuals interpret and attribute others' behavior in a social context by employing personal (dispositional) and impersonal (situational) causality. Large Language Models (LLMs), trained on human-generated…

Computation and Language · Computer Science 2026-03-31 Hossein Salemi , Jitin Krishnan , Hemant Purohit

The automation of Cyber Threat Intelligence (CTI) relies heavily on Named Entity Recognition (NER) to extract critical entities from unstructured text. Currently, Large Language Models (LLMs) primarily address this task through…

Cryptography and Security · Computer Science 2025-12-23 Jiaren Peng , Hongda Sun , Xuan Tian , Cheng Huang , Zeqing Li , Rui Yan

Software-Defined Networking (SDN) improves network flexibility but also increases the need for reliable and interpretable intrusion detection. Large Language Models (LLMs) have recently been explored for cybersecurity tasks due to their…

Cryptography and Security · Computer Science 2026-04-09 Umesh Biswas , Shafqat Hasan , Syed Mohammed Farhan , Nisha Pillai , Charan Gudla

The increasingly sophisticated and growing number of threat actors along with the sheer speed at which cyber attacks unfold, make timely identification of attacks imperative to an organisations' security. Consequently, persons responsible…

Cryptography and Security · Computer Science 2022-07-19 Clemens Sauerwein , Alexander Pfohl

Machine learning is a field of artificial intelligence (AI) that is becoming essential for several critical systems, making it a good target for threat actors. Threat actors exploit different Tactics, Techniques, and Procedures (TTPs)…

Cryptography and Security · Computer Science 2022-07-04 Lionel Nganyewou Tidjon , Foutse Khomh

Advanced Persistent Threats (APTs) are prolonged, stealthy intrusions by skilled adversaries that compromise high-value systems to steal data or disrupt operations. Reconstructing complete attack chains from massive, heterogeneous logs is…

Cryptography and Security · Computer Science 2025-09-03 Rujie Dai , Peizhuo Lv , Yujiang Gui , Qiujian Lv , Yuanyuan Qiao , Yan Wang , Degang Sun , Weiqing Huang , Yingjiu Li , XiaoFeng Wang
‹ Prev 1 2 3 10 Next ›