Botnets, which are networks formed by malware-compromised machines, have become a
serious threat to the Internet. Such networks have been created to conduct large-scale …

Malicious botnets have become a common threat and pervade large parts of the Internet
today. Existing surveys and taxonomies focus on botnet topologies, command and control …

Endpoint Detection and Response (EDR) tools provide visibility into sophisticated intrusions
by matching system events against known adversarial behaviors. However, current solutions …

In this paper, we present HOLMES, a system that implements a new approach to the
detection of Advanced and Persistent Threats (APTs). HOLMES is inspired by several case …

Ransomware is a growing threat that encrypts auser's files and holds the decryption key until
a ransom ispaid by the victim. This type of malware is responsible fortens of millions of …

In today's Industrial Internet of Things (IIoT) environment, where different systems interact
with the physical world, the state proposed by the Industry 4.0 standards can lead to …

Despite decades of research in network traffic analysis and incredible advances in artificial
intelligence, network intrusion detection systems based on machine learning (ML) have yet …

The results of botnet detection methods are usually presented without any comparison.
Although it is generally accepted that more comparisons with third-party methods may help …

Auditing, a central pillar of operating system security, has only recently come into its own as
an active area of public research. This resurgent interest is due in large part to the notion of …

OpenFlow is an open standard that has gained tremendous interest in the last few years
within the network community. It is an embodiment of the software-defined networking …