The increasing sophistication of malware threats has led to growing concerns in the anti-
malware community, as malware poses a significant danger to online users despite the …

Communication protocols form the bedrock of our interconnected world, yet vulnerabilities
within their implementations pose significant security threats. Recent developments have …

System auditing provides a low-level view into cyber threats by monitoring system entity
interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data …

Lateral movement is a key stage of system compromise used by advanced persistent
threats. Detecting it is no simple task. When network host logs are abstracted into discrete …

Early and accurate detection of network intrusions is crucial to ensure network security and
stability. Existing network intrusion detection methods mainly use conventional machine …

U nraveled is a novel cybersecurity dataset capturing Advanced Persistent Threat (APT)
attacks not available in the public domain. Existing cybersecurity datasets lack coherent …

Today's advanced cyber attack campaigns can often bypass all existing protections. The
primary defense against them is after-the-fact detection, followed by a forensic analysis to …

Past Advanced Persistent Threat (APT) attacks on Industrial Internet-of-Things (IIoT), such as
the 2016 Ukrainian power grid attack and the 2017 Saudi petrochemical plant attack, have …

The hacker group identification is an important pre-work for tasks such as hacking tracing,
criminal portraits. The current hacker identification mainly relies on fingerprints and clue …

The security of container-based microservices relies heavily on the isolation of operating
system resources that is provided by namespaces. However, vulnerabilities exist in the …