- Research article, November 2023
Are we there yet? An Industrial Viewpoint on Provenance-based Endpoint Detection and Response Tools
- Feng Dong,
- Shaofei Li,
- Peng Jiang,
- Ding Li,
- Haoyu Wang,
- Liangyi Huang,
- Xusheng Xiao,
- Jiedong Chen,
- Xiapu Luo,
- Yao Guo,
- Xiangqun Chen
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, November 2023, pp. 2396–2410
https://doi.org/10.1145/3576915.3616580
Provenance-Based Endpoint Detection and Response (P-EDR) systems are deemed crucial for future Advanced Persistent Threat (APT) defenses. Despite the fact that numerous new techniques to improve P-EDR systems have been proposed in academia, it is still ...
- Research article, November 2021
Multi-Stage Attack Detection via Kill Chain State Machines
CYSARM '21: Proceedings of the 3rd Workshop on Cyber-Security Arms Race, November 2021, pp. 13–24
https://doi.org/10.1145/3474374.3486918
Today, human security analysts need to sift through large volumes of alerts they have to triage during investigations. This alert fatigue results in failure to detect complex attacks, such as advanced persistent threats (APTs), because they manifest ...