Unicorn: Runtime provenance-based detector for advanced persistent threats
Advanced Persistent Threats (APTs) are difficult to detect due to their "low-and-slow" attack
patterns and frequent use of zero-day exploits. We present UNICORN, an anomaly-based …
To petabytes and beyond: recent advances in probabilistic and signal processing algorithms and their application to metagenomics
As computational biologists continue to be inundated by ever increasing amounts of
metagenomic data, the need for data analysis approaches that keep up with the pace of …
Sok: History is a vast early warning system: Auditing the provenance of system intrusions
Auditing, a central pillar of operating system security, has only recently come into its own as
an active area of public research. This resurgent interest is due in large part to the notion of …
When the levee breaks: a practical guide to sketching algorithms for processing the flood of genomic data
WPM Rowe - Genome biology, 2019 - Springer
Considerable advances in genomics over the past decade have resulted in vast amounts of
data being generated and deposited in global archives. The growth of these archives …
PROGRAPHER: An Anomaly Detection System based on Provenance Graph Embedding
In recent years, the Advanced Persistent Threat (APT), which involves complex and
malicious actions over a long period, has become one of the biggest threats against the …
Sometimes, you aren't what you do: Mimicry attacks against provenance graph host intrusion detection systems
Reliable methods for host-layer intrusion detection remained an open problem within
computer security. Recent research has recast intrusion detection as a provenance graph …
Nodesketch: Highly-efficient graph embeddings via recursive sketching
Embeddings have become a key paradigm to learn graph representations and facilitate
downstream graph analysis tasks. Existing graph embedding techniques either sample a …
Drifted Twitter spam classification using multiscale detection test on KL divergence
Twitter spam classification is a tough challenge for social media platforms and cyber security
companies. Twitter spam with illegal links may evolve over time in order to deceive filtering …
Nodlink: An online system for fine-grained apt attack detection and investigation
Advanced Persistent Threats (APT) attacks have plagued modern enterprises, causing
significant financial losses. To counter these attacks, researchers propose techniques that …
A memory-efficient sketch method for estimating high similarities in streaming sets
Estimating set similarity and detecting highly similar sets are fundamental problems in areas
such as databases, machine learning, and information retrieval. MinHash is a well-known …