FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4288057803> ?p ?o ?g. }

• W4288057803 abstract "System auditing provides a low-level view into cyber threats by monitoring system entity interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data provenance analysis on audit records to search for anomalies (anomalous behaviors) or specifications of known attacks. However, existing approaches suffer from several limitations: 1) generating high volumes of false alarms, 2) relying on expert knowledge, or 3) producing coarse-grained detection signals. In this paper, we recognize the structural similarity between threat detection in cybersecurity and recommendation in information retrieval. By mapping security concepts of system entity interactions to recommendation concepts of user-item interactions, we identify cyber threats by predicting the preferences of a system entity on its interactive entities. Furthermore, inspired by the recent advances in modeling high-order connectivity via item side information in the recommendation, we transfer the insight to cyber threat analysis and customize an automated detection system, SHADEWATCHER. It fulfills the potential of high-order information in audit records via graph neural networks to improve detection effectiveness. Besides, we equip SHADEWATCHER with dynamic updates towards better generalization to false alarms. In our evaluation against both real-life and simulated cyber-attack scenarios, SHADEWATCHER shows its advantage in identifying threats with high precision and recall rates. Moreover, SHADEWATCHER is capable of pinpointing threats from nearly a million system entity interactions within seconds." @default.
• W4288057803 created "2022-07-28" @default.
• W4288057803 creator A5016705381 @default.
• W4288057803 creator A5019056615 @default.
• W4288057803 creator A5030792927 @default.
• W4288057803 creator A5044936528 @default.
• W4288057803 creator A5047869365 @default.
• W4288057803 creator A5061399591 @default.
• W4288057803 creator A5074450656 @default.
• W4288057803 date "2022-05-01" @default.
• W4288057803 modified "2023-10-13" @default.
• W4288057803 title "SHADEWATCHER: Recommendation-guided Cyber Threat Analysis using System Audit Records" @default.
• W4288057803 doi "https://doi.org/10.1109/sp46214.2022.9833669" @default.
• W4288057803 hasPublicationYear "2022" @default.
• W4288057803 type Work @default.
• W4288057803 citedByCount "11" @default.
• W4288057803 countsByYear W42880578032022 @default.
• W4288057803 countsByYear W42880578032023 @default.
• W4288057803 crossrefType "proceedings-article" @default.
• W4288057803 hasAuthorship W4288057803A5016705381 @default.
• W4288057803 hasAuthorship W4288057803A5019056615 @default.
• W4288057803 hasAuthorship W4288057803A5030792927 @default.
• W4288057803 hasAuthorship W4288057803A5044936528 @default.
• W4288057803 hasAuthorship W4288057803A5047869365 @default.
• W4288057803 hasAuthorship W4288057803A5061399591 @default.
• W4288057803 hasAuthorship W4288057803A5074450656 @default.
• W4288057803 hasConcept C124101348 @default.
• W4288057803 hasConcept C162324750 @default.
• W4288057803 hasConcept C187736073 @default.
• W4288057803 hasConcept C199521495 @default.
• W4288057803 hasConcept C23123220 @default.
• W4288057803 hasConcept C38652104 @default.
• W4288057803 hasConcept C41008148 @default.
• W4288057803 hasConcept C80958533 @default.
• W4288057803 hasConcept C81669768 @default.
• W4288057803 hasConceptScore W4288057803C124101348 @default.
• W4288057803 hasConceptScore W4288057803C162324750 @default.
• W4288057803 hasConceptScore W4288057803C187736073 @default.
• W4288057803 hasConceptScore W4288057803C199521495 @default.
• W4288057803 hasConceptScore W4288057803C23123220 @default.
• W4288057803 hasConceptScore W4288057803C38652104 @default.
• W4288057803 hasConceptScore W4288057803C41008148 @default.
• W4288057803 hasConceptScore W4288057803C80958533 @default.
• W4288057803 hasConceptScore W4288057803C81669768 @default.
• W4288057803 hasFunder F4320320671 @default.
• W4288057803 hasLocation W42880578031 @default.
• W4288057803 hasOpenAccess W4288057803 @default.
• W4288057803 hasPrimaryLocation W42880578031 @default.
• W4288057803 hasRelatedWork W1597238586 @default.
• W4288057803 hasRelatedWork W2001121861 @default.
• W4288057803 hasRelatedWork W2086064646 @default.
• W4288057803 hasRelatedWork W2115485936 @default.
• W4288057803 hasRelatedWork W2119135658 @default.
• W4288057803 hasRelatedWork W2349174110 @default.
• W4288057803 hasRelatedWork W2357241418 @default.
• W4288057803 hasRelatedWork W2792377126 @default.
• W4288057803 hasRelatedWork W3022131925 @default.
• W4288057803 hasRelatedWork W83344948 @default.
• W4288057803 isParatext "false" @default.
• W4288057803 isRetracted "false" @default.
• W4288057803 workType "article" @default.