Botnets: A survey
Botnets, which are networks formed by malware-compromised machines, have become a
serious threat to the Internet. Such networks have been created to conduct large-scale …
Botnet communication patterns
Malicious botnets have become a common threat and pervade large parts of the Internet
today. Existing surveys and taxonomies focus on botnet topologies, command and control …
Holmes: real-time apt detection through correlation of suspicious information flows
In this paper, we present HOLMES, a system that implements a new approach to the
detection of Advanced and Persistent Threats (APTs). HOLMES is inspired by several case …
Cyber threats to industrial IoT: a survey on attacks and countermeasures
In today's Industrial Internet of Things (IIoT) environment, where different systems interact
with the physical world, the state proposed by the Industry 4.0 standards can lead to …
Tactical provenance analysis for endpoint detection and response systems
Endpoint Detection and Response (EDR) tools provide visibility into sophisticated intrusions
by matching system events against known adversarial behaviors. However, current solutions …
Cryptolock (and drop it): stopping ransomware attacks on user data
Ransomware is a growing threat that encrypts a user's files and holds the decryption key until
a ransom is paid by the victim. This type of malware is responsible for tens of millions of …
An empirical comparison of botnet detection methods
The results of botnet detection methods are usually presented without any comparison.
Although it is generally accepted that more comparisons with third-party methods may help …
Fresco: Modular composable security services for software-defined networks
OpenFlow is an open standard that has gained tremendous interest in the last few years
within the network community. It is an embodiment of the software-defined networking …
Insomnia: Towards concept-drift robustness in network intrusion detection
Despite decades of research in network traffic analysis and incredible advances in artificial
intelligence, network intrusion detection systems based on machine learning (ML) have yet …
Outside the closed world: On using machine learning for network intrusion detection
In network intrusion detection research, one popular strategy for finding attacks is monitoring
a network's activity for anomalies: deviations from profiles of normality previously learned …