HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows
arXiv:1810.01594, 3 October 2018
Sadegh M. Milajerdi
Rigel Gjomemo
Birhanu Eshete
R. Sekar
V. Venkatakrishnan

Papers citing "HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows"

50 / 87 papers shown
SmartGuard: Leveraging Large Language Models for Network Attack Detection through Audit Log Analysis and Summarization
Hao Zhang
Shuo Shao
Song Li
Zhenyu Zhong
Yan Liu
Zhan Qin
K. Ren
27
0
0
20 Jun 2025
Sharpening Kubernetes Audit Logs with Context Awareness
Matteo Franzil
Valentino Armani
Luis Augusto Dias Knob
Domenico Siracusa
MLAU
26
0
0
19 Jun 2025
Few-Shot Learning-Based Cyber Incident Detection with Augmented Context Intelligence
Fei Zuo
Junghwan Rhee
Yung Ryn Choe
Chenglong Fu
Xianshan Qu
AAML
24
0
0
19 Jun 2025
PROVSYN: Synthesizing Provenance Graphs for Data Augmentation in Intrusion Detection Systems
Yi Huang
Wajih Ul Hassan
Yao Guo
Xiangqun Chen
Ding Li
67
0
0
06 Jun 2025
TriPSS: A Tri-Modal Keyframe Extraction Framework Using Perceptual, Structural, and Semantic Representations
Mert Can Cakmak
Nitin Agarwal
Diwash Poudel
33
0
0
03 Jun 2025
LLM-Driven APT Detection for 6G Wireless Networks: A Systematic Review and Taxonomy
Muhammed Golec
Yaser Khamayseh
Suhib Bani Melhem
Abdulmalik Alwarafy
53
1
0
24 May 2025
Modeling Behavioral Preferences of Cyber Adversaries Using Inverse Reinforcement Learning
Aditya Shinde
Prashant Doshi
AAML
53
0
0
02 May 2025
Deep Learning-based Intrusion Detection Systems: A Survey
Zhiwei Xu
Yujuan Wu
Shiheng Wang
Jiabao Gao
Tian Qiu
Ziqi Wang
Hai Wan
Xibin Zhao
69
3
0
10 Apr 2025
Knowledge Transfer from LLMs to Provenance Analysis: A Semantic-Augmented Method for APT Detection
Fei Zuo
Junghwan Rhee
Yung Ryn Choe
110
1
0
24 Mar 2025
Sentient: Multi-Scenario Behavioral Intent Analysis for Advanced Persistent Threat Detection
Wenhao Yan
Ning An
Wei Qiao
Weiheng Wu
Bo-Sian Jiang
Yuling Liu
Zhigang Lu
JunRong Liu
148
0
0
10 Feb 2025
Detecting APT Malware Command and Control over HTTP(S) Using Contextual Summaries
Almuthanna Alageel
Sergio Maffeis
Imperial College London
77
2
0
07 Feb 2025
SHIELD: APT Detection and Intelligent Explanation Using LLM
Parth Atulbhai Gandhi
Prasanna N. Wudali
Yonatan Amaru
Yuval Elovici
A. Shabtai
AAML
114
3
0
04 Feb 2025
TFLAG: Towards Practical APT Detection via Deviation-Aware Learning on Temporal Provenance Graph
Wenhan Jiang
Tingting Chai
Hongri Liu
Kai Wang
Hongke Zhang
85
0
0
13 Jan 2025
METANOIA: A Lifelong Intrusion Detection and Investigation System for Mitigating Concept Drift
J. Ying
Tiantian Zhu
Aohan Zheng
Tieming Chen
Mingqi Lv
Yan Chen
84
0
0
03 Jan 2025
LESS: Efficient Log Storage System Based on Learned Model and Minimum Attribute Tree
Zhiyang Cheng
Zizhen Zhu
Haoran Dang
Hai Wan
Xibin Zhao
81
0
0
26 Nov 2024
SAGA: Synthetic Audit Log Generation for APT Campaigns
Yi-Ting Huang
Y. Guo
Yue Yang
Guo-Wei Wong
Yu-Zih Jheng
Yeali S. Sun
Jessemyn Modini
Timothy Lynar
M. Chen
117
1
0
20 Nov 2024
MultiKG: Multi-Source Threat Intelligence Aggregation for High-Quality Knowledge Graph Representation of Attack Techniques
Jian Wang
Tiantian Zhu
Chunlin Xiong
Yan Chen
105
1
0
13 Nov 2024
Winemaking: Extracting Essential Insights for Efficient Threat Detection in Audit Logs
Weiheng Wu
Wei Qiao
Wenhao Yan
Bo-Sian Jiang
Yuling Liu
Baoxu Liu
Zhigang Lu
JunRong Liu
71
0
0
05 Nov 2024
A Cascade Approach for APT Campaign Attribution in System Event Logs: Technique Hunting and Subgraph Matching
Yi-Ting Huang
Y. Guo
Guo-Wei Wong
M. Chen
29
1
0
29 Oct 2024
Slot: Provenance-Driven APT Detection through Graph Reinforcement Learning
Wei Qiao
Yebo Feng
Teng Li
Zijian Zhang
Yulong Shen
Zhuo Ma
Yulong Shen
135
0
0
23 Oct 2024
CRUcialG: Reconstruct Integrated Attack Scenario Graphs by Cyber Threat Intelligence Reports
Wenrui Cheng
Tiantian Zhu
Tieming Chen
Qixuan Yuan
J. Ying
Hongmei Li
Chunlin Xiong
Mingda Li
Mingqi Lv
Yan Chen
51
1
0
15 Oct 2024
ORCHID: Streaming Threat Detection over Versioned Provenance Graphs
Akul Goyal
Jason Liu
Adam Bates
Gang Wang
AI4TS
45
1
0
23 Aug 2024
EagleEye: Attention to Unveil Malicious Event Sequences from Provenance Graphs
Philipp Gysel
Candid Wuest
Kenneth Nwafor
Otakar Jašek
Andrey Ustyuzhanin
D. Divakaran
78
1
0
17 Aug 2024
HADES: Detecting Active Directory Attacks via Whole Network Provenance Analytics
Qi Liu
Kaibin Bao
Wajih Ul Hassan
V. Hagenmeyer
AAML
50
2
0
26 Jul 2024
Accurate and Scalable Detection and Investigation of Cyber Persistence Threats
Qi Liu
Muhammad Shoaib
M. U. Rehman
Kaibin Bao
V. Hagenmeyer
Wajih Ul Hassan
65
2
0
26 Jul 2024
CICAPT-IIOT: A provenance-based APT attack dataset for IIoT environment
Erfan Ghiasvand
Suprio Ray
S. Iqbal
Sajjad Dadkhah
Ali A. Ghorbani
60
6
0
15 Jul 2024
P3GNN: A Privacy-Preserving Provenance Graph-Based Model for APT Detection in Software Defined Networking
Hedyeh Nazari
Abbas Yazdinejad
Ali Dehghantanha
Fattane Zarrinkalam
Gautam Srivastava
72
5
0
17 Jun 2024
RAPID: Robust APT Detection and Investigation Using Context-Aware Deep Learning
Yonatan Amaru
Prasanna N. Wudali
Yuval Elovici
A. Shabtai
76
1
0
08 Jun 2024
Carbon Filter: Real-time Alert Triage Using Large Scale Clustering and Fast Search
Jonathan Oliver
Raghav Batta
Adam Bates
M. A. Inam
Shelly Mehta
Shugao Xia
45
0
0
07 May 2024
Nip in the Bud: Forecasting and Interpreting Post-exploitation Attacks in Real-time through Cyber Threat Intelligence Reports
Tiantian Zhu
Jie Ying
Tieming Chen
Chunlin Xiong
Wenrui Cheng
Qixuan Yuan
Aohan Zheng
Mingqi Lv
Yan Chen
75
4
0
05 May 2024
SPARSE: Semantic Tracking and Path Analysis for Attack Investigation in Real-time
Jie Ying
Tiantian Zhu
Wenrui Cheng
Qixuan Yuan
Mingjun Ma
Chunlin Xiong
Tieming Chen
Mingqi Lv
Yan Chen
57
2
0
04 May 2024
Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection
Lingzhi Wang
Xiangmin Shen
Weijian Li
Zhenyuan Li
R. Sekar
Han Liu
Yan Chen
AAML
71
1
0
23 Apr 2024
LTRDetector: Exploring Long-Term Relationship for Advanced Persistent Threats Detection
Xiaoxiao Liu
Fan Xu
Nan Wang
Qinxin Zhao
Dalin Zhang
Xibin Zhao
Jiqiang Liu
93
0
0
04 Apr 2024
Marlin: Knowledge-Driven Analysis of Provenance Graphs for Efficient and Robust Detection of Cyber Attacks
Zhenyuan Li
Yangyang Wei
Xiangmin Shen
Lingzhi Wang
Yan Chen
...
Fan Zhang
Liang Hou
Wenmao Liu
Xuhong Zhang
Jianwei Ying
28
1
0
19 Mar 2024
TREC: APT Tactic / Technique Recognition via Few-Shot Provenance Subgraph Learning
Mingqi Lv
HongZhe Gao
Xuebo Qiu
Tieming Chen
Tiantian Zhu
66
3
0
23 Feb 2024
Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments
Xiangmin Shen
Zhenyuan Li
Graham Burleigh
Lingzhi Wang
Yan Chen
58
3
0
29 Jan 2024
Risk Taxonomy, Mitigation, and Assessment Benchmarks of Large Language Model Systems
Tianyu Cui
Yanling Wang
Chuanpu Fu
Yong Xiao
Sijia Li
...
Junwu Xiong
Xinyu Kong
ZuJie Wen
Ke Xu
Qi Li
165
64
0
11 Jan 2024
Mining Temporal Attack Patterns from Cyberthreat Intelligence Reports
Md. Rayhanur Rahman
Brandon Wroblewski
Quinn Matthews
Brantley Morgan
Tim Menzies
Laurie A. Williams
68
3
0
03 Jan 2024
OSTINATO: Cross-host Attack Correlation Through Attack Activity Similarity Detection
Sutanu Kumar Ghosh
Kiavash Satvat
Rigel Gjomemo
V. Venkatakrishnan
AAML
20
1
0
14 Dec 2023
LogShield: A Transformer-based APT Detection System Leveraging Self-Attention
Sihat Afnan
Mushtari Sadia
Shahrear Iqbal
Anindya Iqbal
58
1
0
09 Nov 2023
NODLINK: An Online System for Fine-Grained APT Attack Detection and Investigation
Shaofei Li
Feng Dong
Xusheng Xiao
Haoyu Wang
Fei Shao
Jiedong Chen
Yao Guo
Xiangqun Chen
Ding Li
85
21
0
04 Nov 2023
MAGIC: Detecting Advanced Persistent Threats via Masked Graph Representation Learning
Zian Jia
Yun Xiong
Yuhong Nan
Yao Zhang
Jinjing Zhao
Mi Wen
73
23
0
15 Oct 2023
Prov2vec: Learning Provenance Graph Representation for Unsupervised APT Detection
Bibek Bhattarai
H. H. Huang
35
2
0
02 Oct 2023
Combating Advanced Persistent Threats: Challenges and Solutions
Yuntao Wang
Han Liu
Zhendong Li
Zhou Su
Jiliang Li
43
12
0
18 Sep 2023
ProvG-Searcher: A Graph Representation Learning Approach for Efficient Provenance Graph Search
Enes Altinisik
Fatih Deniz
Husrev Taha Sencar
77
23
0
07 Sep 2023
MITRE ATT&CK: State of the Art and Way Forward
Bader Al-Sada
Alireza Sadighian
Gabriele Oligeri
69
17
0
27 Aug 2023
Kairos: Practical Intrusion Detection and Investigation using Whole-system Provenance
Zijun Cheng
Qiujian Lv
Jinyuan Liang
Yan Wang
Degang Sun
Thomas Pasquier
Xueyuan Han
87
42
0
09 Aug 2023
Auditing Frameworks Need Resource Isolation: A Systematic Study on the Super Producer Threat to System Auditing and Its Mitigation
Peng Jiang
Ruizhe Huang
Ding Li
Yao Guo
Xiangqun Chen
Jianhai Luan
Yuxin Ren
Xinwei Hu
44
5
0
29 Jul 2023
Are we there yet? An Industrial Viewpoint on Provenance-based Endpoint Detection and Response Tools
Feng Dong
Shaofei Li
Peng Jiang
Ding Li
Haoyu Wang
...
Xusheng Xiao
Jiedong Chen
Xiapu Luo
Yao Guo
Xiangqun Chen
47
25
0
17 Jul 2023
On the Security Risks of Knowledge Graph Reasoning
Zhaohan Xi
Tianyu Du
Changjiang Li
Ren Pang
S. Ji
Xiapu Luo
Xusheng Xiao
Fenglong Ma
Ting Wang
59
10
0
03 May 2023