Traditional Intrusion Detection Systems (IDS) cannot cope with the increasing number and
sophistication of cyberattacks such as Advanced Persistent Threats (APT). Due to their high …

With the rapidly evolving technological landscape, the huge development of the Internet of
Things, and the embracing of digital transformation, the world is witnessing an explosion in …

Advanced Persistent Threats (APT) involve multiple attack steps over a long period, and
their investigation requires analysis of myriad logs to identify their attack steps, which are a …

Endpoint Detection and Response (EDR) tools provide visibility into sophisticated intrusions
by matching system events against known adversarial behaviors. However, current solutions …

Provenance graphs are structured audit logs that describe the history of a system's
execution. Recent studies have explored a variety of techniques to analyze provenance …

System auditing provides a low-level view into cyber threats by monitoring system entity
interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data …

Advance Persistent Threats (APTs), adopted by most delicate attackers, are becoming
increasing common and pose great threat to various enterprises and institutions. Data …

Malware poses a severe threat to cyber security. Attackers use malware to achieve their
malicious purposes, such as unauthorized access, stealing confidential data, blackmailing …

The success of deep learning (DL) techniques has led to their adoption in many fields,
including attack investigation, which aims to recover the whole attack story from logged …

Cyberattacks represent an ever-growing threat that has become a real priority for most
organizations. Attackers use sophisticated attack scenarios to deceive defense systems in …