惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
Troy Hunt's Blog
The Register - Security
The Register - Security
量子位
Hugging Face - Blog
Hugging Face - Blog
T
Tailwind CSS Blog
I
InfoQ
B
Blog RSS Feed
酷 壳 – CoolShell
酷 壳 – CoolShell
WordPress大学
WordPress大学
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
V
Visual Studio Blog
博客园 - Franky
H
Hackread – Cybersecurity News, Data Breaches, AI and More
C
Check Point Blog
A
About on SuperTechFans
S
SegmentFault 最新的问题
阮一峰的网络日志
阮一峰的网络日志
Apple Machine Learning Research
Apple Machine Learning Research
Last Week in AI
Last Week in AI
罗磊的独立博客
Y
Y Combinator Blog
U
Unit 42
The Cloudflare Blog
T
The Blog of Author Tim Ferriss
月光博客
月光博客
GbyAI
GbyAI
博客园 - 三生石上(FineUI控件)
IT之家
IT之家
N
Netflix TechBlog - Medium
Cyberwarzone
Cyberwarzone
Vercel News
Vercel News
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Tor Project blog
博客园 - 叶小钗
大猫的无限游戏
大猫的无限游戏
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
aimingoo的专栏
aimingoo的专栏
The Hacker News
The Hacker News
Recent Announcements
Recent Announcements
博客园_首页
有赞技术团队
有赞技术团队
Jina AI
Jina AI
Simon Willison's Weblog
Simon Willison's Weblog
雷峰网
雷峰网
人人都是产品经理
人人都是产品经理
S
Schneier on Security
Spread Privacy
Spread Privacy
V
Vulnerabilities – Threatpost
P
Palo Alto Networks Blog

cs.CR updates on arXiv.org

An AI Security Agent for University ACMIS: Multi-Vector Threat Detection and Automated Response From Privacy to Workflow Integrity: Communication-Graph Metadata in Autonomous Agent Interoperability Learn from Your Mistakes: Tree-like Self-Play for Secure Code LLMs Send a SCOUT First: Pre-hoc Reasoning for Adaptive Detector Allocation in Prompt-Injection Defense QSignAI: Quantum-Randomness-Seeded Identity Signatures at the Intersection of AI for Science and Science for AI A Standardized Ontology for Intent-Based Security Management in Autonomous Networks Code as a Weapon: A Consensus-Labeled Prompt Bank for Measuring Coding-Model Compliance with Malicious-Code Requests Cordyceps: Covert Control Attacks on LLMs via Data Poisoning SAMark: A Self-Anchored Text Watermarking with Paragraph-Level Paraphrase Robustness Mechanistic origins of catastrophic forgetting: why RL preserves circuits better than SFT? Red-Teaming Agent Execution Contexts: Open-World Security Evaluation on OpenClaw From Specification to Deployment: Empirical Evidence from a W3C VC + DID Trust Infrastructure for Autonomous Agents Attacking the Spike: On the Transferability and Security of Spiking Neural Networks to Adversarial Examples Vendor-Conditioned Contrastive Learning for Predicting Organizational Cyber Threat Targets A Formal Calculus for International Relations Computation and Evaluation On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis Moving Target Defense for Web Applications using Bayesian Stackelberg Games A Mathematical Trust Algebra for International Nation Relations Computation and Evaluation A First Attempt to Cloud-Based User Verification in Distributed System Some Experimental Issues in Financial Fraud Detection: An Investigation Using Data Analytics to Detect Anomalous States in Vehicles On the Differential Privacy of Bayesian Inference Building and Measuring Privacy-Preserving Predictive Blacklists Novel Feature Extraction, Selection and Fusion for Effective Malware Family Classification Security Games with Ambiguous Beliefs of Agents Generating and Exploring S-Box Multivariate Quadratic Equation Systems with SageMath Private Disclosure of Information in Health Tele-monitoring Applications of Artificial Intelligence Techniques to Combating Cyber Crimes: A Review Implicit Contextual Integrity in Online Social Networks Phishing Detection in IMs using Domain Ontology and CBA - An innovative Rule Generation Approach Detecting fraudulent activity in a cloud using privacy-friendly data aggregates The Application of Differential Privacy for Rank Aggregation: Privacy and Accuracy An Evasion and Counter-Evasion Study in Malicious Websites Detection Hybrid Epidemics - A Case Study on Computer Worm Conficker A Self-Adaptive Network Protection System An Argumentation-Based Framework to Address the Attribution Problem in Cyber-Warfare Protecting Privacy through Distributed Computation in Multi-agent Decision Making Using Neural Network to Propose Solutions to Threats in Attack Patterns A Utility-Theoretic Approach to Privacy in Online Services Intrusion Detection using Continuous Time Bayesian Networks A DDoS-Aware IDS Model Based on Danger Theory and Mobile Agents Mining Malware Specifications through Static Reachability Analysis Subjective Logic Operators in Trust Assessment: an Empirical Study GOTCHA Password Hackers! On estimating total time to solve SAT in distributed computing environments: Application to the SAT@home project POMDPs Make Better Hackers: Accounting for Uncertainty in Penetration Testing Les POMDP font de meilleurs hackers: Tenir compte de l'incertitude dans les tests de penetration Automated Attack Planning Penetration Testing == POMDP Solving? Attack Planning in the Real World An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios A Fuzzy Logic Based Certain Trust Model for E-Commerce Predicting Network Attacks Using Ontology-Driven Inference Semantic Matching of Security Policies to Support Security Experts A formalization of re-identification in terms of compatible probabilities A trust-based security mechanism for nomadic users in pervasive systems Intrusion Detection on Smartphones Obesity Heuristic, New Way On Artificial Immune Systems Secured Wireless Communication using Fuzzy Logic based High Speed Public-Key Cryptography (FLHSPKC) Mining Permission Request Patterns from Android and Facebook Applications (extended author version) Building a Chaotic Proved Neural Network Detecting Danger: The Dendritic Cell Algorithm Detecting Anomalous Process Behaviour using Second Generation Artificial Immune Systems Outrepasser les limites des techniques classiques de Prise d'Empreintes grace aux Reseaux de Neurones Building Computer Network Attacks ToLeRating UR-STD The DCA:SOMe Comparison A comparative study between two biologically-inspired algorithms Real-Time Alert Correlation with Type Graphs Performance Evaluation of DCA and SRC on a Single Bot Detection Behavioural Correlation for Detecting P2P Bots Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory Integrating Real-Time Analysis With The Dendritic Cell Algorithm Through Segmentation Integrating Innate and Adaptive Immunity for Intrusion Detection Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm Further Exploration of the Dendritic Cell Algorithm: Antigen Multiplier and Time Windows Detecting Bots Based on Keylogging Activities Detecting Danger: Applying a Novel Immunological Concept to Intrusion Detection Systems Detecting Motifs in System Call Sequences Dendritic Cells for SYN Scan Detection Detecting Botnets Through Log Correlation DCA for Bot Detection Cooperative Automated Worm Response and Detection Immune Algorithm Cryptographic Implications for Artificially Mediated Games Differentially Private Empirical Risk Minimization An Immune Inspired Network Intrusion Detection System Utilising Correlation Context An Immune Inspired Approach to Anomaly Detection Hybrid Intrusion Detection and Prediction multiAgent System HIDPAS Artificial Dendritic Cells: Multi-faceted Perspectives AIS for Misbehavior Detection in Wireless Sensor Networks: Performance and Design Principles The Role of Self-Forensics in Vehicle Crash Investigations and Event Reconstruction Beyond Nash Equilibrium: Solution Concepts for the 21st Century From Qualitative to Quantitative Proofs of Security Properties Using First-Order Conditional Logic Danger Theory: The Link between AIS and IDS? Dempster-Shafer for Anomaly Detection The Danger Theory and Its Application to Artificial Immune Systems ANTIDS: Self-Organized Ant-based Clustering Model for Intrusion Detection System Analyzing and Improving Performance of a Class of Anomaly-based Intrusion Detectors Soft Constraint Programming to Analysing Security Protocols A Method for Clustering Web Attacks Using Edit Distance Encoding a Taxonomy of Web Attacks with Different-Length Vectors
RADAR: A TTP-based Extensible, Explainable, and Effective System for Network Traffic Analysis and Malware Detection
Yashovardhan Sharma, Simon Birnbach, Ivan Martinovic · 2022-12-08 · via cs.CR updates on arXiv.org

Network analysis and machine learning techniques have been widely applied for building malware detection systems. Though these systems attain impressive results, they often are $(i)$ not extensible, being monolithic, well tuned for the specific task they have been designed for but very difficult to adapt and/or extend to other settings, and $(ii)$ not interpretable, being black boxes whose inner complexity makes it impossible to link the result of detection with its root cause, making further analysis of threats a challenge. In this paper we present RADAR, an extensible and explainable system that exploits the popular TTP (Tactics, Techniques, and Procedures) ontology of adversary behaviour described in the industry-standard MITRE ATT\&CK framework in order to unequivocally identify and classify malicious behaviour using network traffic. We evaluate RADAR on a very large dataset comprising of 2,286,907 malicious and benign samples, representing a total of 84,792,452 network flows. The experimental analysis confirms that the proposed methodology can be effectively exploited: RADAR's ability to detect malware is comparable to other state-of-the-art non-interpretable systems' capabilities. To the best of our knowledge, RADAR is the first TTP-based system for malware detection that uses machine learning while being extensible and explainable.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。