Systematic literature review of security event correlation methods
Security event correlation approaches are necessary to detect and predict incremental
threats such as multi-step or targeted attacks (advanced persistent threats) and other causal …
Structural temporal graph neural networks for anomaly detection in dynamic graphs
Detecting anomalies in dynamic graphs is a vital task, with numerous practical applications
in areas such as security, finance, and social media. Existing network embedding based …
Incremental causal graph learning for online root cause analysis
The task of root cause analysis (RCA) is to identify the root causes of system faults/failures
by analyzing system monitoring data. Efficient RCA can greatly accelerate system failure …
Alert Prioritisation in Security Operations Centres: A Systematic Survey on Criteria and Methods
F Jalalvand, M Baruwal Chhetri, S Nepal… - ACM Computing …, 2024 - dl.acm.org
Security Operations Centres (SOCs) are specialised facilities where security analysts
leverage advanced technologies to monitor, detect and respond to cyber incidents …
Heterogeneous graph matching networks
Information systems have widely been the target of malware attacks. Traditional signature-
based malicious program detection algorithms can only detect known malware and are …
Ensemble-based information retrieval with mass estimation for hyperspectral target detection
Given the prior information of the target, hyperspectral target detection focuses on exploiting
spectral differences to separate objects of interest from the background, which can be …
Automated anomaly detection via curiosity-guided search and self-imitation learning
Anomaly detection is an important data mining task with numerous applications, such as
intrusion detection, credit card fraud detection, and video surveillance. However, given a …
Automatically and adaptively identifying severe alerts for online service systems
In large-scale online service systems, to enhance the quality of services, engineers need to
collect various monitoring data and write many rules to trigger alerts. However, the number …
Attentional heterogeneous graph neural network: Application to program reidentification
A program or process is an integral part of almost every IT/OT system. Can we trust the
identity/ID (e.g., executable name) of the program? To avoid detection, malware may disguise …
Heterogeneous graph matching networks: Application to unknown malware detection
Information systems have widely been the target of malware attacks. Traditional signature-
based malicious program detection algorithms can only detect known malware and are …