Evolving techniques in cyber threat hunting: A systematic review
In the rapidly changing cybersecurity landscape, threat hunting has become a critical
proactive defense against sophisticated cyber threats. While traditional security measures …
A survey on threat hunting in enterprise networks
With the rapidly evolving technological landscape, the huge development of the Internet of
Things, and the embracing of digital transformation, the world is witnessing an explosion in …
Euler: Detecting Network Lateral Movement via Scalable Temporal Link Prediction
Lateral movement is a key stage of system compromise used by advanced persistent
threats. Detecting it is no simple task. When network host logs are abstracted into discrete …
Towards AI-powered cybersecurity attack modeling with simulation tools: Review of attack simulators
Cybersecurity currently focuses primarily on defenses that detect and prevent cyber-attacks.
However, it is more important to regularly verify an organization's security posture to …
Jbeil: Temporal graph-based inductive learning to infer lateral movement in evolving enterprise networks
Lateral Movement (LM) is one of the core stages of advanced persistent threats which
continues to compromise the security posture of enterprise networks at large. Recent …
On the detection of lateral movement through supervised machine learning and an open-source tool to create turnkey datasets from sysmon logs
Lateral movement (LM) is a principal, increasingly common, tactic in the arsenal of
advanced persistent threat (APT) groups and other less or more powerful threat actors. It …
Revisiting the detection of lateral movement through Sysmon
This work attempts to answer in a clear way the following key questions regarding the
optimal initialization of the Sysmon tool for the identification of Lateral Movement in the MS …
Understanding and bridging the gap between unsupervised network representation learning and security analytics
Cyber-attacks have become increasingly sophisticated, which also drives the development
of security analytics that produce countermeasures by mining organizational logs, e.g. …
Raptor: advanced persistent threat detection in industrial iot via attack stage correlation
Past Advanced Persistent Threat (APT) attacks on Industrial Internet-of-Things (IIoT), such as
the 2016 Ukrainian power grid attack and the 2017 Saudi petrochemical plant attack, have …
You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks
Cyberattacks have grown into a major risk for organizations, with common consequences
being data theft, sabotage, and extortion. Since preventive measures do not suffice to repel …