English
Related papers

Related papers: ProvAgent: Threat Detection Based on Identity-Beha…

200 papers

An advanced persistent threat (APT) refers to a covert, long-term cyberattack, typically conducted by state-sponsored actors, targeting critical sectors and often remaining undetected for long periods. In response, collective intelligence…

Cryptography and Security · Computer Science 2026-01-07 Shakhzod Yuldoshkhujaev , Mijin Jeon , Doowon Kim , Nick Nikiforakis , Hyungjoon Koo

Proactive agents that anticipate user intentions without explicit prompts represent a significant evolution in human-AI interaction, promising to reduce cognitive load and streamline workflows. However, existing datasets suffer from two…

Human-Computer Interaction · Computer Science 2026-02-11 Yuanbo Tang , Huaze Tang , Tingyu Cao , Lam Nguyen , Anping Zhang , Xinwen Cao , Chunkang Liu , Wenbo Ding , Yang Li

With frequently evolving Advanced Persistent Threats (APTs) in cyberspace, traditional security solutions approaches have become inadequate for threat hunting for organizations. Moreover, SOC (Security Operation Centers) analysts are often…

Provenance analysis (PA) has recently emerged as an important solution for cyber attack investigation. PA leverages system monitoring to monitor system activities as a series of system audit events and organizes these events as a provenance…

Cryptography and Security · Computer Science 2025-10-31 Fei Shao , Jia Zou , Zhichao Cao , Xusheng Xiao

Cyber attacks are often identified using system and network logs. There have been significant prior works that utilize provenance graphs and ML techniques to detect attacks, specifically advanced persistent threats, which are very difficult…

Cryptography and Security · Computer Science 2023-11-13 Sihat Afnan , Mushtari Sadia , Shahrear Iqbal , Anindya Iqbal

Provenance-based intrusion detection has emerged as a promising approach for analyzing complex attack behaviors through system-level provenance graphs. However, existing defense methods face an inherent granularity limitation. Node-centric…

Cryptography and Security · Computer Science 2026-04-17 Fan Yang , Binyan Xu , Di Tang , Kehuan Zhang

Advanced Persistent Threats (APTs) present a considerable challenge to cybersecurity due to their stealthy, long-duration nature. Traditional supervised learning methods typically require large amounts of labeled data, which is often scarce…

Cryptography and Security · Computer Science 2025-09-08 Sidahmed Benabderrahmane , Talal Rahwan

Advanced Persistent Threats (APTs) pose a significant security risk to organizations and industries. These attacks often lead to severe data breaches and compromise the system for a long time. Mitigating these sophisticated attacks is…

Cryptography and Security · Computer Science 2025-08-04 Ehsan Hallaji , Roozbeh Razavi-Far , Mehrdad Saif

Advanced Persistent Threats (APTs) are stealthy cyberattacks that often evade detection in system-level audit logs. Provenance graphs model these logs as connected entities and events, revealing relationships that are missed by linear log…

Cryptography and Security · Computer Science 2025-10-21 Ahmed Aly , Essam Mansour , Amr Youssef

The techniques used in modern attacks have become an important factor for investigation. As we advance further into the digital age, cyber attackers are employing increasingly sophisticated and highly threatening methods. These attacks…

Cryptography and Security · Computer Science 2026-01-21 Alexander Shim

Advanced Persistent Threats (APTs) evolve through multiple stages, each exhibiting distinct temporal and structural behaviors. Accurate stage estimation is critical for enabling adaptive cyber defense. This paper presents StageFinder, a…

Cryptography and Security · Computer Science 2026-05-06 Trung V. Phan , Thomas Bauschert

The Industrial Internet of Things (IIoT) is a transformative paradigm that integrates smart sensors, advanced analytics, and robust connectivity within industrial processes, enabling real-time data-driven decision-making and enhancing…

Cryptography and Security · Computer Science 2024-07-17 Erfan Ghiasvand , Suprio Ray , Shahrear Iqbal , Sajjad Dadkhah , Ali A. Ghorbani

In cybersecurity, security analysts constantly face the challenge of mitigating newly discovered vulnerabilities in real-time, with over 300,000 vulnerabilities identified since 1999. The sheer volume of known vulnerabilities complicates…

Cryptography and Security · Computer Science 2026-01-26 Reza Fayyazi , Stella Hoyos Trueba , Michael Zuzak , Shanchieh Jay Yang

Penetration testing is essential to securing modern web infrastructures, yet traditional manual methods struggle to keep pace with their scale and complexity. Large Language Models (LLMs) offer new opportunities for automating these tasks,…

Cryptography and Security · Computer Science 2026-05-26 William Guanting Li , Alsharif Abuadbba , Kristen Moore , Dan Dongseong Kim

System auditing is a vital technique for collecting system call events as system provenance and investigating complex multi-step attacks such as Advanced Persistent Threats. However, existing attack investigation methods struggle to uncover…

Cryptography and Security · Computer Science 2025-07-22 Saimon Amanuel Tsegai , Xinyu Yang , Haoyuan Liu , Peng Gao

Data provenance analysis has been used as an assistive measure for ensuring system integrity. However, such techniques are typically reactive approaches to identify the root cause of an attack in its aftermath. This is in part due to fact…

Cryptography and Security · Computer Science 2021-06-02 Shamaria Engram , Tyler Kaczmarek , Alice Lee , David Bigelow

While passive agents merely follow instructions, proactive agents align with higher-level objectives, such as assistance and safety by continuously monitoring the environment to determine when and how to act. However, developing proactive…

Pioneering advancements in artificial intelligence, especially in genAI, have enabled significant possibilities for content creation, but also led to widespread misinformation and false content. The growing sophistication and realism of…

Artificial Intelligence · Computer Science 2024-11-14 Dinesh Srivasthav P , Badri Narayan Subudhi

Advanced Persistent Threats (APTs) are sophisticated, long-term cyberattacks that are difficult to detect because they operate stealthily and often blend into normal system behavior. This paper presents a neuro-symbolic anomaly detection…

Machine Learning · Computer Science 2026-02-17 Asif Tauhid , Sidahmed Benabderrahmane , Mohamad Altrabulsi , Ahamed Foisal , Talal Rahwan

Despite their growing adoption across domains, large language model (LLM)-powered agents face significant security risks from backdoor attacks during training and fine-tuning. These compromised agents can subsequently be manipulated to…

Cryptography and Security · Computer Science 2025-06-12 Li Changjiang , Liang Jiacheng , Cao Bochuan , Chen Jinghui , Wang Ting