POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber
Threat Hunting

POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting

30 September 2019

Sadegh M. Milajerdi

V. Venkatakrishnan

ArXiv (abs)PDF HTML

Papers citing "POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting"

10 / 10 papers shown

Title
Sentient: Multi-Scenario Behavioral Intent Analysis for Advanced Persistent Threat Detection Wenhao Yan Ning An Wei Qiao Weiheng Wu Bo-Sian Jiang Yuling Liu Zhigang Lu JunRong Liu 131 0 0 10 Feb 2025
Slot: Provenance-Driven APT Detection through Graph Reinforcement Learning Wei Qiao Yebo Feng Teng Li Zijian Zhang Zhengzi Xu Zhuo Ma Yulong Shen 112 0 0 23 Oct 2024
ProPatrol: Attack Investigation via Extracted High-Level Tasks Sadegh M. Milajerdi Birhanu Eshete Rigel Gjomemo V. Venkatakrishnan 44 21 0 12 Oct 2018
HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows Sadegh M. Milajerdi Rigel Gjomemo Birhanu Eshete R. Sekar V. Venkatakrishnan 54 402 0 03 Oct 2018
Runtime Analysis of Whole-System Provenance Thomas Pasquier Xueyuan Han Thomas Moyer Adam Bates O. Hermant David Eyers J. Bacon Margo Seltzer 53 96 0 18 Aug 2018
SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection Peng Gao Xusheng Xiao Ding Li Zhichun Li Kangkook Jee Zhenyu Wu C. Kim Sanjeev R. Kulkarni Prateek Mittal 41 107 0 25 Jun 2018
AIQL: Enabling Efficient Attack Investigation from System Monitoring Data Peng Gao Xusheng Xiao Zhichun Li Kangkook Jee Fengyuan Xu Sanjeev R. Kulkarni Prateek Mittal 50 87 0 06 Jun 2018
SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data M. Hossain Sadegh M. Milajerdi Junao Wang Birhanu Eshete Rigel Gjomemo R. Sekar Scott D. Stoller V. Venkatakrishnan 50 222 0 06 Jan 2018
Behavior Query Discovery in System-Generated Temporal Graphs Bo Zong Xusheng Xiao Zhichun Li Zhenyu Wu Zhiyun Qian Xifeng Yan Ambuj K. Singh Guofei Jiang 23 29 0 18 Nov 2015
Detection of Early-Stage Enterprise Infection by Mining Large-Scale Log Data Alina Oprea Zhou Li T. Yen Sang Chin Sumayah A. Alrwais 67 172 0 18 Nov 2014