Provenance-based intrusion detection systems: A survey
M Zipperle, F Gottwalt, E Chang, T Dillon - ACM Computing Surveys, 2022 - dl.acm.org
Traditional Intrusion Detection Systems (IDS) cannot cope with the increasing number and
sophistication of cyberattacks such as Advanced Persistent Threats (APT). Due to their high …
Are we there yet? an industrial viewpoint on provenance-based endpoint detection and response tools
Provenance-Based Endpoint Detection and Response (P-EDR) systems are deemed crucial
for future Advanced Persistent Threats (APT) defenses. Despite the fact that numerous new …
Shadewatcher: Recommendation-guided cyber threat analysis using system audit records
System auditing provides a low-level view into cyber threats by monitoring system entity
interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data …
Tactical provenance analysis for endpoint detection and response systems
Endpoint Detection and Response (EDR) tools provide visibility into sophisticated intrusions
by matching system events against known adversarial behaviors. However, current solutions …
Kairos: Practical intrusion detection and investigation using whole-system provenance
Provenance graphs are structured audit logs that describe the history of a system's
execution. Recent studies have explored a variety of techniques to analyze provenance …
AttacKG: Constructing technique knowledge graph from cyber threat intelligence reports
Cyber attacks are becoming more sophisticated and diverse, making attack detection
increasingly challenging. To combat these attacks, security practitioners actively summarize …
MAGIC: Detecting advanced persistent threats via masked graph representation learning
Z Jia, Y **ong, Y Nan, Y Zhang, J Zhao… - 33rd USENIX Security …, 2024 - usenix.org
Advance Persistent Threats (APTs), adopted by most delicate attackers, are becoming
increasing common and pose great threat to various enterprises and institutions. Data …
Poirot: Aligning attack behavior with kernel audit records for cyber threat hunting
SM Milajerdi, B Eshete, R Gjomemo… - Proceedings of the …, 2019 - dl.acm.org
Cyber threat intelligence (CTI) is being used to search for indicators of attacks that might
have compromised an enterprise network for a long time without being discovered. To have …
Nodoze: Combatting threat alert fatigue with automated provenance triage
Large enterprises are increasingly relying on threat detection softwares (eg, Intrusion
Detection Systems) to allow them to spot suspicious activities. These softwares generate …
Extractor: Extracting attack behavior from threat reports
The knowledge on attacks contained in Cyber Threat Intelligence (CTI) reports is very
important to effectively identify and quickly respond to cyber threats. However, this …