Academic
Alst0n
PaperNote - Poirot: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting
Original title: Poirot: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting
Original authors: Sadegh M. Milajerdi, Birhanu Eshete, Rigel Gjomemo, V.N. Venkatakrishnan
Original venue: CCS 2019
Original link: https://arxiv.org...
Original post, 2020-03-25 20:22:08 · 2532 reads · 0 comments
PaperNote - UNICORN: A Runtime Provenance-Based APT Detector
Original title: UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats
Original authors: Xueyuan Han, Thomas Pasquier, Adam Bates, James Mickens and Margo Seltzer
Original venue: NDSS 2020
Original link: https://arxiv.or...
Original post, 2020-03-14 21:49:42 · 4361 reads · 9 comments
PaperNote - An Intrusion Detection System Model Based on Spatio-Temporal Feature Fusion
Original title: Model of the intrusion detection system based on the integration of spatial-temporal features
Original authors: Jianwu Zhang, Yu Ling, Xingbing Fu, Xiongkun Yang, Gang Xiong, Rui Zhang
Original venue: Computers & Se...
Original post, 2020-03-09 11:16:16 · 2326 reads · 1 comment
PaperNote - An Intelligence-Driven Security-Aware Defense Mechanism for APTs
Original title: An Intelligence-Driven Security-Aware Defense Mechanism for Advanced Persistent Threats
Original authors: Yuqing Li, Wenkuan Dai, Jie Bai, Xiaoying Gan, Member, IEEE, Jingchao Wang, and Xinbing Wang, SeniorM...
Original post, 2020-02-27 15:34:00 · 573 reads · 0 comments
Paper Note - Analysis of High Volumes of Network Traffic for APT Detection
Original title: Analysis of high volumes of network traffic for Advanced Persistent Threat detection
Original authors: Mirco Marchetti, Fabio Pierazzi, Michele Colajanni, Alessandro Guido, Department of Engineering "Enzo Fe...
Original post, 2020-02-20 18:25:07 · 1492 reads · 0 comments
Paper Note - Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking
Original title: Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking
Original authors: Yang Ji, Sangho Lee, Mattia Fazzini, Joey Allen, Evan Downing, Taesoo Kim, Alessandro Orso, a...
Original post, 2020-02-15 23:12:08 · 705 reads · 0 comments
Paper Note - SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data
Original title: SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data
Original authors: Md Nahid Hossain, Stony Brook University; Sadegh M. Milajerdi, University of Illinois at Chicago; Junao Wang, Stony Broo...
Original post, 2020-02-12 10:12:45 · 2215 reads · 3 comments
Paper Note - HOLMES: Real-time APT Detection Based on Suspicious Information Flows
Contents: 1 Introduction; 1.1 The kill chain model; 1.2 Current state of research; 1.3 Novel contributions; 1.4 Main problems addressed; 1.5 Implementation approach and main contributions
Original authors: Sadegh M. Milajerdi, Rigel Gjomemo, Birhanu Eshete, R. Sekar, V.N. Venkatakrishnan
Original title: HOLMES: Real-time APT Detection through Correlatio...
Original post, 2020-01-04 14:47:19 · 2284 reads · 4 comments