[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

Zipperle et al., 2024 - Google Patents

PARGMF: A provenance-enabled automated rule generation and matching framework with multi-level attack description model

Zipperle et al., 2024

View HTML
Document ID
14107674730201774997
Author
Zipperle M
Zhang Y
Chang E
Dillon T
Publication year
Publication venue
Journal of Information Security and Applications

External Links

Snippet

With the rapidly increasing volume of cyber-attacks over the past years due to the new working-from-home paradigm, protecting hosts, networks, and individuals from cyber threats is in higher demand than ever. One promising solution are Provenance-based Intrusion …
Continue reading at www.sciencedirect.com (HTML) (other versions)

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/30Information retrieval; Database structures therefor; File system structures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for programme control, e.g. control unit
    • G06F9/06Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme

Similar Documents

Publication Publication Date Title
Singh et al. A survey on machine learning-based malware detection in executable files
Noor et al. A machine learning framework for investigating data breaches based on semantic analysis of adversary’s attack patterns in threat intelligence repositories
Husari et al. Ttpdrill: Automatic and accurate extraction of threat actions from unstructured text of cti sources
Wüchner et al. Robust and effective malware detection through quantitative data flow graph metrics
Banin et al. Multinomial malware classification via low-level features
Continella et al. Prometheus: Analyzing WebInject-based information stealers
Keshavarzi et al. An ontology-driven framework for knowledge representation of digital extortion attacks
Carlin et al. Dynamic analysis of malware using run-time opcodes
Grégio et al. An ontology of suspicious software behavior
Bilot et al. A survey on malware detection with graph representation learning
Hannousse et al. A deep learner model for multi-language webshell detection
García-Teodoro et al. Multi-labeling of complex, multi-behavioral malware samples
Mail et al. Malware detection system using cloud sandbox, machine learning
Vu et al. A benchmark comparison of python malware detection approaches
Yang et al. A flexible approach for cyber threat hunting based on kernel audit records
Tian An integrated malware detection and classification system
Cavalli et al. Design of a secure shield for internet and web-based services using software reflection
Zipperle et al. PARGMF: A provenance-enabled automated rule generation and matching framework with multi-level attack description model
Rosli et al. Ransomware behavior attack construction via graph theory approach
Gandotra et al. A framework for generating malware threat intelligence
Bayazit et al. Protecting Android Devices from Malware Attacks: A State-of-the-Art Report of Concepts, Modern Learning Models and Challenges
Nguyen et al. MalView: Interactive visual analytics for comprehending malware behavior
Taylor Defending Against Typosquatting Attacks In Programming Language-Based Package Repositories
Kotenko et al. Ontological hybrid storage for security data
Sarath et al. Malware Forensics Analysis and Detection in Cyber Physical Systems