1810.01594
Cited By
v1
v2 (latest)
HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows
3 October 2018
Sadegh M. Milajerdi
Rigel Gjomemo
Birhanu Eshete
R. Sekar
V. Venkatakrishnan
Papers citing
"HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows"
37 / 87 papers shown
Title
SoK: Pragmatic Assessment of Machine Learning for Network Intrusion Detection
Giovanni Apruzzese
Pavel Laskov
J. Schneider
118
27
0
30 Apr 2023
TBDetector: Transformer-Based Detector for Advanced Persistent Threats with Provenance Graph
Nan Wang
Xuezhi Wen
Dalin Zhang
Xibin Zhao
Jiahui Ma
Mengxia Luo
Sen Nie
Shi Wu
Jiqiang Liu
48
6
0
06 Apr 2023
RAPTOR: Advanced Persistent Threat Detection in Industrial IoT via Attack Stage Correlation
Ayush Kumar
V. Thing
55
14
0
27 Jan 2023
Resource-Interaction Graph: Efficient Graph Representation for Anomaly Detection
James Pope
Jinyuan Liang
Vijay S. Kumar
Francesco Raimondo
Xinyi Sun
...
Ioannis Mavromatis
Adrián Sánchez-Mompó
P. Carnelli
Theodoros Spyridopoulos
UK InnovationLaboratory
27
1
0
16 Dec 2022
Investigating co-occurrences of MITRE ATT&CK Techniques
Md. Rayhanur Rahman
Laurie A. Williams
79
11
0
11 Nov 2022
Ellipsis: Towards Efficient System Auditing for Real-Time Systems
Ayoosh Bansal
Anant Kandikuppa
Chien-Ying Chen
M. Hasan
Adam Bates
Sibin Mohan
20
0
0
04 Aug 2022
Current Challenges of Cyber Threat and Vulnerability Identification Using Public Enumerations
Lukáš Sadlek
Pavel Čeleda
Daniel Tovarňák
44
6
0
29 Jun 2022
Exploration of Enterprise Server Data to Assess Ease of Modeling System Behavior
Enes Altinisik
Husrev Taha Sencar
Mohamed Nabeel
Issa M. Khalil
Tingyue Yu
45
0
0
12 Jun 2022
Software Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats
Giorgio Di Tizio
Michele Armellini
Fabio Massacci
AAML
64
10
0
16 May 2022
SIERRA: Ranking Anomalous Activities in Enterprise Networks
Jehyun Lee
Farren Tang
Phyo May Thet
Desmond Yeoh
Mitch Rybczynski
D. Divakaran
34
4
0
31 Mar 2022
ANUBIS: A Provenance Graph-Based Framework for Advanced Persistent Threat Detection
M. Anjum
Shahrear Iqbal
B. Hamelin
47
29
0
21 Dec 2021
APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts
Tiantian Zhu
Jinkai Yu
Tieming Chen
Qixuan Yuan
J. Ying
Jiabo Zhang
Mingqi Lv
Yan Chen
Yuan Fan
Ting Wang
60
28
0
16 Dec 2021
A Heterogeneous Graph Learning Model for Cyber-Attack Detection
Mingqi Lv
Chengyu Dong
Tieming Chen
Tiantian Zhu
Qijie Song
Yuan Fan
AAML
36
4
0
16 Dec 2021
threaTrace: Detecting and Tracing Host-based Threats in Node Level Through Provenance Graph Learning
Su Wang
Zhiliang Wang
Tao Zhou
Xia Yin
Dongqi Han
Han Zhang
Hongbin Sun
Xingang Shi
Jiahai Yang
67
76
0
08 Nov 2021
Secure Namespaced Kernel Audit for Containers
S. Lim
Bogdan Stelea
Xueyuan Han
Thomas Pasquier
59
19
0
03 Nov 2021
Towards event aggregation for reducing the volume of logged events during IKC stages of APT attacks
Ali Ahmadian Ramaki
A. G. Bafghi
Abbas Rasoolzadegan Barforoush
77
2
0
29 Sep 2021
Role-based lateral movement detection with unsupervised learning
Brian A. Powell
AAML
76
13
0
05 Aug 2021
Reinforcement Learning for Industrial Control Network Cyber Security Orchestration
John Mern
Kyle Hatch
Ryan Silva
J. Brush
Mykel J. Kochenderfer
65
4
0
09 Jun 2021
Hopper: Modeling and Detecting Lateral Movement (Extended Report)
Grant Ho
Mayank Dhiman
Devdatta Akhawe
V. Paxson
Stefan Savage
G. Voelker
D. Wagner
24
30
0
27 May 2021
Evidential Cyber Threat Hunting
F. Araujo
Dhilung Kirat
Xiaokui Shu
Teryl Taylor
Jiyong Jang
37
5
0
21 Apr 2021
DeepHunter: A Graph Neural Network Based Approach for Robust Cyber Threat Hunting
Renzheng Wei
Lijun Cai
Aimin Yu
Dan Meng
60
34
0
20 Apr 2021
Multi-Stage Attack Detection via Kill Chain State Machines
Florian Wilkens
Felix Ortmann
Steffen Haas
Matthias Vallentin
Mathias Fischer
38
22
0
26 Mar 2021
Towards an Open Format for Scalable System Telemetry
Teryl Taylor
F. Araujo
Xiaokui Shu
30
8
0
25 Jan 2021
SIGL: Securing Software Installations Through Deep Graph Learning
Xueyuan Han
Xiao Yu
Thomas Pasquier
Ding Li
J. Rhee
James W. Mickens
Margo Seltzer
Haifeng Chen
85
52
0
26 Aug 2020
ProblemChild: Discovering Anomalous Patterns based on Parent-Child Process Relationships
Bobby Filar
David French
23
3
0
11 Aug 2020
Densely Connected Residual Network for Attack Recognition
Peilun Wu
Nour Moustafa
Shiyi Yang
Hui Guo
29
14
0
05 Aug 2020
Categorical anomaly detection in heterogeneous data using minimum description length clustering
James Cheney
Xavier Gombau
Ghita Berrada
Sidahmed Benabderrahmane
21
1
0
14 Jun 2020
Threat Detection and Investigation with System-level Provenance Graphs: A Survey
Zhenyuan Li
Qi Alfred Chen
Runqing Yang
Yan Chen
74
85
0
02 Jun 2020
Xanthus: Push-button Orchestration of Host Provenance Data Collection
Xueyuan Han
James W. Mickens
Ashish Gehani
Margo Seltzer
Thomas Pasquier
28
7
0
10 May 2020
UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats
Xueyuan Han
Thomas Pasquier
Adam Bates
James W. Mickens
Margo Seltzer
114
289
0
06 Jan 2020
The Naked Sun: Malicious Cooperation Between Benign-Looking Processes
Fabio De Gaspari
Dorjan Hitaj
Giulio Pagnotta
Lorenzo De Carli
L. Mancini
AAML
65
30
0
06 Nov 2019
POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting
Sadegh M. Milajerdi
Birhanu Eshete
Rigel Gjomemo
V. Venkatakrishnan
46
217
0
30 Sep 2019
Detecting malicious logins as graph anomalies
Brian A Powell
31
10
0
19 Sep 2019
ATTACK2VEC: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks
Yun Shen
Gianluca Stringhini
85
67
0
29 May 2019
On Preempting Advanced Persistent Threats Using Probabilistic Graphical Models
Phuong M Cao
40
8
0
21 Mar 2019
Toward a Theory of Cyber Attacks
Saeed Valizadeh
Marten van Dijk
AAML
53
5
0
06 Jan 2019
ProPatrol: Attack Investigation via Extracted High-Level Tasks
Sadegh M. Milajerdi
Birhanu Eshete
Rigel Gjomemo
V. Venkatakrishnan
49
21
0
12 Oct 2018