UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats

6 January 2020

Papers citing "UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats"

50 / 75 papers shown

Title
Automated Alert Classification and Triage (AACT): An Intelligent System for the Prioritisation of Cybersecurity Alerts Melissa Turcotte François Labrèche Serge-Olivier Paquette 19 0 0 14 May 2025
Deep Learning-based Intrusion Detection Systems: A Survey Zhiwei Xu Yujuan Wu Shiheng Wang Jiabao Gao Tian Qiu Ziqi Wang Hai Wan Xibin Zhao 28 1 0 10 Apr 2025
A Case for Network-wide Orchestration of Host-based Intrusion Detection and Response Mark Timmons Daniel Lukaszewski Geoffrey Xie 19 1 0 08 Apr 2025
UAV Resilience Against Stealthy Attacks Arthur Amorim Max Taylor Trevor Kann Gary T. Leavens William L. Harrison Lance Joneckis AAML 47 0 0 21 Mar 2025
TFLAG:Towards Practical APT Detection via Deviation-Aware Learning on Temporal Provenance Graph Wenhan Jiang Tingting Chai Hongri Liu Kai Wang Hongke Zhang 46 0 0 13 Jan 2025
CONTINUUM: Detecting APT Attacks through Spatial-Temporal Graph Neural Networks Atmane Ayoub Mansour Bahar Kamel Soaid Ferrahi Mohamed-Lamine Messai H. Seba Karima Amrouche 38 0 0 08 Jan 2025
METANOIA: A Lifelong Intrusion Detection and Investigation System for Mitigating Concept Drift J. Ying Tiantian Zhu Aohan Zheng Tieming Chen Mingqi Lv Yan Chen 46 0 0 03 Jan 2025
LESS: Efficient Log Storage System Based on Learned Model and Minimum Attribute Tree Zhiyang Cheng Zizhen Zhu Haoran Dang Hai Wan Xibin Zhao 64 0 0 26 Nov 2024
SAGA: Synthetic Audit Log Generation for APT Campaigns Yi-Ting Huang Y. Guo Yue Yang Guo-Wei Wong Yu-Zih Jheng Yeali S. Sun Jessemyn Modini Timothy Lynar M. Chen 73 0 0 20 Nov 2024
Winemaking: Extracting Essential Insights for Efficient Threat Detection in Audit Logs Weiheng Wu Wei Qiao Wenhao Yan Bo-Sian Jiang Yuling Liu Baoxu Liu Zhigang Lu JunRong Liu 34 0 0 05 Nov 2024
Slot: Provenance-Driven APT Detection through Graph Reinforcement Learning Wei Qiao Yebo Feng Teng Li Zijian Zhang Zhengzi Xu Zhuo Ma Yulong Shen 51 0 0 23 Oct 2024
CRUcialG: Reconstruct Integrated Attack Scenario Graphs by Cyber Threat Intelligence Reports Wenrui Cheng Tiantian Zhu Tieming Chen Qixuan Yuan J. Ying Hongmei Li Chunlin Xiong Mingda Li Mingqi Lv Yan Chen 23 1 0 15 Oct 2024
Tweezers: A Framework for Security Event Detection via Event Attribution-centric Tweet Embedding Jian Cui Hanna Kim Eugene Jang Dayeon Yim Kicheol Kim Yongjae Lee Jin-Woo Chung Seungwon Shin Xiaojing Liao 48 0 0 12 Sep 2024
The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches Chuqi Zhang Jun Zeng Yiming Zhang Adil Ahmad Fengwei Zhang Hai Jin Zhenkai Liang 29 2 0 06 Sep 2024
Unintentional Security Flaws in Code: Automated Defense via Root Cause Analysis Nafis Tanveer Islam Mazal Bethany Dylan Manuel Murtuza Jadliwala Peyman Najafirad 35 0 0 30 Aug 2024
EagleEye: Attention to Unveil Malicious Event Sequences from Provenance Graphs Philipp Gysel Candid Wuest Kenneth Nwafor Otakar Jašek Andrey Ustyuzhanin D. Divakaran 47 0 0 17 Aug 2024
HADES: Detecting Active Directory Attacks via Whole Network Provenance Analytics Qi Liu Kaibin Bao Wajih Ul Hassan V. Hagenmeyer AAML 27 1 0 26 Jul 2024
Accurate and Scalable Detection and Investigation of Cyber Persistence Threats Qi Liu Muhammad Shoaib M. U. Rehman Kaibin Bao V. Hagenmeyer Wajih Ul Hassan 37 1 0 26 Jul 2024
CICAPT-IIOT: A provenance-based APT attack dataset for IIoT environment Erfan Ghiasvand Suprio Ray S. Iqbal Sajjad Dadkhah Ali A. Ghorbani 21 3 0 15 Jul 2024
Hack Me If You Can: Aggregating AutoEncoders for Countering Persistent Access Threats Within Highly Imbalanced Data Sidahmed Benabderrahmane Ngoc Hoang Petko Valtchev James Cheney Talal Rahwan 29 3 0 27 Jun 2024
P3GNN: A Privacy-Preserving Provenance Graph-Based Model for APT Detection in Software Defined Networking Hedyeh Nazari Abbas Yazdinejad Ali Dehghantanha Fattane Zarrinkalam Gautam Srivastava 33 3 0 17 Jun 2024
LaMOT: Language-Guided Multi-Object Tracking Yunhao Li Xiaoqiong Liu Luke Liu Heng Fan Libo Zhang VOT 42 1 0 12 Jun 2024
Detecting Complex Multi-step Attacks with Explainable Graph Neural Network Wei Liu Peng Gao Haotian Zhang Kejian Li Weiyong Yang Xingshen Wei Shuji Wu AAML 33 0 0 18 May 2024
The MESA Security Model 2.0: A Dynamic Framework for Mitigating Stealth Data Exfiltration Sanjeev Pratap Singh Naveed Afzal 43 3 0 17 May 2024
Nip in the Bud: Forecasting and Interpreting Post-exploitation Attacks in Real-time through Cyber Threat Intelligence Reports Tiantian Zhu Jie Ying Tieming Chen Chunlin Xiong Wenrui Cheng Qixuan Yuan Aohan Zheng Mingqi Lv Yan Chen 44 4 0 05 May 2024
SPARSE: Semantic Tracking and Path Analysis for Attack Investigation in Real-time Jie Ying Tiantian Zhu Wenrui Cheng Qixuan Yuan Mingjun Ma Chunlin Xiong Tieming Chen Mingqi Lv Yan Chen 24 1 0 04 May 2024
After the Breach: Incident Response within Enterprises Sumanth Rao 37 0 0 30 Apr 2024
Incorporating Gradients to Rules: Towards Lightweight, Adaptive Provenance-based Intrusion Detection Lingzhi Wang Xiangmin Shen Weijian Li Zhenyuan Li R. Sekar Han Liu Yan Chen AAML 38 1 0 23 Apr 2024
LTRDetector: Exploring Long-Term Relationship for Advanced Persistent Threats Detection Xiaoxiao Liu Fan Xu Nan Wang Qinxin Zhao Dalin Zhang Xibin Zhao Jiqiang Liu 44 0 0 04 Apr 2024
Beyond MOT: Semantic Multi-Object Tracking Yunhao Li Hao Wang Xue Ma Jiali Yao Shaohua Dong Heng Fan Libo Zhang VOT 32 3 0 08 Mar 2024
TREC: APT Tactic / Technique Recognition via Few-Shot Provenance Subgraph Learning Mingqi Lv HongZhe Gao Xuebo Qiu Tieming Chen Tiantian Zhu 45 2 0 23 Feb 2024
Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments Xiangmin Shen Zhenyuan Li Graham Burleigh Lingzhi Wang Yan Chen 15 3 0 29 Jan 2024
A Room With an Overview: Towards Meaningful Transparency for the Consumer Internet of Things Chris Norval Jatinder Singh 18 4 0 19 Jan 2024
Risk Taxonomy, Mitigation, and Assessment Benchmarks of Large Language Model Systems Tianyu Cui Yanling Wang Chuanpu Fu Yong Xiao Sijia Li ... Junwu Xiong Xinyu Kong Zujie Wen Ke Xu Qi Li 63 57 0 11 Jan 2024
TapTree: Process-Tree Based Host Behavior Modeling and Threat Detection Framework via Sequential Pattern Mining M. Mamun Scott Buffett 14 0 0 10 Dec 2023
LogShield: A Transformer-based APT Detection System Leveraging Self-Attention Sihat Afnan Mushtari Sadia Shahrear Iqbal Anindya Iqbal 23 1 0 09 Nov 2023
NODLINK: An Online System for Fine-Grained APT Attack Detection and Investigation Shaofei Li Feng Dong Xusheng Xiao Haoyu Wang Fei Shao Jiedong Chen Yao Guo Xiangqun Chen Ding Li 54 17 0 04 Nov 2023
MAGIC: Detecting Advanced Persistent Threats via Masked Graph Representation Learning Zian Jia Yun Xiong Yuhong Nan Yao Zhang Jinjing Zhao Mi Wen 31 16 0 15 Oct 2023
Prov2vec: Learning Provenance Graph Representation for Unsupervised APT Detection Bibek Bhattarai H. H. Huang 16 2 0 02 Oct 2023
Combating Advanced Persistent Threats: Challenges and Solutions Yuntao Wang Han Liu Zhendong Li Zhou Su Jiliang Li 15 10 0 18 Sep 2023
ProvG-Searcher: A Graph Representation Learning Approach for Efficient Provenance Graph Search Enes Altinisik Fatih Deniz Husrev Taha Sencar 41 15 0 07 Sep 2023
Kairos: Practical Intrusion Detection and Investigation using Whole-system Provenance Zijun Cheng Qiujian Lv Jinyuan Liang Yan Wang Degang Sun Thomas Pasquier Xueyuan Han 29 33 0 09 Aug 2023
Auditing Frameworks Need Resource Isolation: A Systematic Study on the Super Producer Threat to System Auditing and Its Mitigation Peng Jiang Ruizhe Huang Ding Li Yao Guo Xiangqun Chen Jianhai Luan Yuxin Ren Xinwei Hu 19 5 0 29 Jul 2023
Are we there yet? An Industrial Viewpoint on Provenance-based Endpoint Detection and Response Tools Feng Dong Shaofei Li Peng Jiang Ding Li Haoyu Wang ... Xusheng Xiao Jiedong Chen Xiapu Luo Yao Guo Xiangqun Chen 21 19 0 17 Jul 2023
Host-Based Network Intrusion Detection via Feature Flattening and Two-stage Collaborative Classifier Zhiyan Chen Murat Simsek B. Kantarci Mehran Bagheri P. Djukic 13 2 0 15 Jun 2023
SoK: Pragmatic Assessment of Machine Learning for Network Intrusion Detection Giovanni Apruzzese Pavel Laskov J. Schneider 49 25 0 30 Apr 2023
Performance Optimization using Multimodal Modeling and Heterogeneous GNN Akashnil Dutta J. Alcaraz Ali TehraniJamsaz E. César A. Sikora Ali Jannesari 20 10 0 25 Apr 2023
TBDetector:Transformer-Based Detector for Advanced Persistent Threats with Provenance Graph Nan Wang Xuezhi Wen Dalin Zhang Xibin Zhao Jiahui Ma Mengxia Luo Sen Nie Shi Wu Jiqiang Liu 26 5 0 06 Apr 2023
RAPTOR: Advanced Persistent Threat Detection in Industrial IoT via Attack Stage Correlation Ayush Kumar V. Thing 20 12 0 27 Jan 2023
Anomaly Detection in Multiplex Dynamic Networks: from Blockchain Security to Brain Disease Prediction Ali Behrouz Margo Seltzer 30 19 0 15 Nov 2022