v1v2 (latest)

UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats

Network and Distributed System Security Symposium (NDSS), 2020

6 January 2020

Papers citing "UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats"

50 / 93 papers shown

SecTracer: A Framework for Uncovering the Root Causes of Network Intrusions via Security Provenance

132

12 Nov 2025

A Survey of Heterogeneous Graph Neural Networks for Cybersecurity Anomaly Detection

161

30 Oct 2025

OCR-APT: Reconstructing APT Stories from Audit Logs using Subgraph Anomaly Detection and LLMs

Ahmed Aly

Essam Mansour

Amr Youssef

185

16 Oct 2025

Ancora: Accurate Intrusion Recovery for Web Applications

171

09 Oct 2025

DeepProv: Behavioral Characterization and Repair of Neural Networks via Inference Provenance Graph Analysis

232

30 Sep 2025

An Automated Attack Investigation Approach Leveraging Threat-Knowledge-Augmented Large Language Models

159

01 Sep 2025

LLM-driven Provenance Forensics for Threat Investigation and Detection

Kunal Mukherjee

Murat Kantarcioglu

174

29 Aug 2025

DEFENDCLI: {Command-Line} Driven Attack Provenance Examination

189

18 Aug 2025

MirGuard: Towards a Robust Provenance-based Intrusion Detection System Against Graph Manipulation Attacks

166

14 Aug 2025

LMDG: Advancing Lateral Movement Detection Through High-Fidelity Dataset Generation

216

04 Aug 2025

PROVCREATOR: Synthesizing Complex Heterogenous Graphs with Node and Edge Attributes

215

28 Jul 2025

SmartGuard: Leveraging Large Language Models for Network Attack Detection through Audit Log Analysis and Summarization

321

20 Jun 2025

ContextBuddy: AI-Enhanced Contextual Insights for Security Alert Investigation (Applied to Intrusion Detection)

Ronal Singh

Mohan Baruwal Chhetri

Surya Nepal

Cécile Paris

268

11 Jun 2025

No Data? No Problem: Synthesizing Security Graphs for Better Intrusion Detection

Wajih Ul Hassan

302

06 Jun 2025

TriPSS: A Tri-Modal Keyframe Extraction Framework Using Perceptual, Structural, and Semantic Representations

Mert Can Cakmak

Nitin Agarwal

Diwash Poudel

288

03 Jun 2025

Automated Alert Classification and Triage (AACT): An Intelligent System for the Prioritisation of Cybersecurity Alerts

Melissa Turcotte

François Labrèche

Serge-Olivier Paquette

215

14 May 2025

Deep Learning-based Intrusion Detection Systems: A Survey

421

10 Apr 2025

A Case for Network-wide Orchestration of Host-based Intrusion Detection and Response

Mark Timmons

Daniel Lukaszewski

Geoffrey Xie

133

08 Apr 2025

UAV Resilience Against Stealthy AttacksInternational Conference on Unmanned Aircraft Systems (ICUAS), 2025

294

21 Mar 2025

OMNISEC: LLM-Driven Provenance-based Intrusion Detection via Retrieval-Augmented Behavior Prompting

355

05 Mar 2025

TFLAG:Towards Practical APT Detection via Deviation-Aware Learning on Temporal Provenance Graph

354

13 Jan 2025

CONTINUUM: Detecting APT Attacks through Spatial-Temporal Graph Neural Networks

Atmane Ayoub Mansour Bahar

Kamel Soaid Ferrahi

Mohamed-Lamine Messai

H. Seba

Karima Amrouche

419

08 Jan 2025

DEHYDRATOR: Enhancing Provenance Graph Storage via Hierarchical Encoding and Sequence GenerationIEEE Transactions on Information Forensics and Security (IEEE TIFS), 2024

206

03 Jan 2025

METANOIA: A Lifelong Intrusion Detection and Investigation System for Mitigating Concept Drift

322

31 Dec 2024

LESS: Efficient Log Storage System Based on Learned Model and Minimum Attribute Tree

203

26 Nov 2024

SAGA: Synthetic Audit Log Generation for APT Campaigns

301

20 Nov 2024

Winemaking: Extracting Essential Insights for Efficient Threat Detection in Audit Logs

333

05 Nov 2024

Slot: Provenance-Driven APT Detection through Graph Reinforcement Learning

1.1K

23 Oct 2024

CRUcialG: Reconstruct Integrated Attack Scenario Graphs by Cyber Threat Intelligence ReportsIEEE Transactions on Dependable and Secure Computing (IEEE TDSC), 2024

385

15 Oct 2024

Tweezers: A Framework for Security Event Detection via Event Attribution-centric Tweet EmbeddingNetwork and Distributed System Security Symposium (NDSS), 2024

Jian Cui

Seungwon Shin

335

12 Sep 2024

The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission SwitchesConference on Computer and Communications Security (CCS), 2024

Yiming Zhang

281

06 Sep 2024

Unintentional Security Flaws in Code: Automated Defense via Root Cause Analysis

Nafis Tanveer Islam

Mazal Bethany

Dylan Manuel

Murtuza Jadliwala

Peyman Najafirad

279

30 Aug 2024

EagleEye: Attention to Unveil Malicious Event Sequences from Provenance GraphsAPWG Symposium on Electronic Crime Research (APWG eCrime), 2024

Otakar Jašek

298

17 Aug 2024

HADES: Detecting Active Directory Attacks via Whole Network Provenance Analytics

166

26 Jul 2024

Accurate and Scalable Detection and Investigation of Cyber Persistence Threats

294

26 Jul 2024

CICAPT-IIOT: A provenance-based APT attack dataset for IIoT environment

281

15 Jul 2024

Hack Me If You Can: Aggregating AutoEncoders for Countering Persistent Access Threats Within Highly Imbalanced Data

Sidahmed Benabderrahmane

211

27 Jun 2024

P3GNN: A Privacy-Preserving Provenance Graph-Based Model for APT Detection in Software Defined Networking

Gautam Srivastava

329

17 Jun 2024

LaMOT: Language-Guided Multi-Object Tracking

355

12 Jun 2024

RAPID: Robust APT Detection and Investigation Using Context-Aware Deep LearningComputer Networks (CN), 2024

182

08 Jun 2024

Detecting Complex Multi-step Attacks with Explainable Graph Neural Network

404

18 May 2024

The MESA Security Model 2.0: A Dynamic Framework for Mitigating Stealth Data Exfiltration

Sanjeev Pratap Singh

Naveed Afzal

250

17 May 2024

Nip in the Bud: Forecasting and Interpreting Post-exploitation Attacks in Real-time through Cyber Threat Intelligence ReportsIEEE Transactions on Dependable and Secure Computing (IEEE TDSC), 2024

254

05 May 2024

SPARSE: Semantic Tracking and Path Analysis for Attack Investigation in Real-timeIEEE Transactions on Dependable and Secure Computing (IEEE TDSC), 2024

270

04 May 2024

After the Breach: Incident Response within Enterprises

Sumanth Rao

262

30 Apr 2024

Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection

305

23 Apr 2024

LTRDetector: Exploring Long-Term Relationship for Advanced Persistent Threats Detection

305

04 Apr 2024

Beyond MOT: Semantic Multi-Object TrackingEuropean Conference on Computer Vision (ECCV), 2024

442

08 Mar 2024

TREC: APT Tactic / Technique Recognition via Few-Shot Provenance Subgraph Learning

243

23 Feb 2024

Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World EnvironmentsACM Asia Conference on Computer and Communications Security (AsiaCCS), 2024

234

29 Jan 2024