Elektrotech. Inftech.
 2019
DOI: 10.1007/s00502-019-00780-x
|View full text |Cite
|
Sign up to set email alerts
|

Advanced threat intelligence: detection and classification of anomalous behavior in system processes

Robert Luh
1
,
Sebastian Schrittwieser
2

Abstract: With the advent of Advanced Persistent Threats (APTs), it has become increasingly difficult to identify and understand attacks on computer systems. This paper presents a system capable of explaining anomalous behavior within network-enabled user sessions by describing and interpreting kernel event anomalies detected by their deviation from normal behavior.The prototype has been developed at the Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks (TARGET) at St. Pölten University of Applied … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
1
0

Year Published

2021
2021
2022
2022

Publication Types

Select...
1
1

Relationship

0
2

Authors

Journals

citations
Cited by 2 publications
(1 citation statement)
references
References 21 publications
0
1
0
Order By: Relevance
“…Process trees were further studied in [17], where structures from process trees were compared against reference trees known to be nonmalicious. A similar technique was used by [18], comparing star structures with templates extracted from uninfected trees. However, none of the aforementioned approaches are designed to process complex data structures that are hierarchical and sequential simultaneously.…”
Section: Related Workmentioning
confidence: 99%

SK-Tree: a systematic malware detection algorithm on streaming trees via the signature kernel

Cochrane
1
,
Foster
2
,
Chhabra
3
et al. 2021
2021 IEEE International Conference on Cyber Security and Resilience (CSR)
10
0
10
0
View full textAdd to dashboardCite
show abstract
“…Process trees were further studied in [17], where structures from process trees were compared against reference trees known to be nonmalicious. A similar technique was used by [18], comparing star structures with templates extracted from uninfected trees. However, none of the aforementioned approaches are designed to process complex data structures that are hierarchical and sequential simultaneously.…”
Section: Related Workmentioning
confidence: 99%

SK-Tree: a systematic malware detection algorithm on streaming trees via the signature kernel

Cochrane
1
,
Foster
2
,
Chhabra
3
et al. 2021
2021 IEEE International Conference on Cyber Security and Resilience (CSR)
10
0
10
0
View full textAdd to dashboardCite
show abstract

Malware Classification Based on Graph Convolutional Neural Networks and Static Call Graph Features

Mester
1
,
Bodó
2
2022
Advances and Trends in Artificial Intelligence. Theory and Practices in Artificial Intelligence
1
0
0
0
View full textAdd to dashboardCite
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.