In this blog, I will talk about an attack against the OSPF protocol published by Alex Kirshon, Dima Gonikman, and Gabi Nakibly during a BlackHat confe ...

原文标题：Poirot: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting 原文作者：Sadegh M. Milajerdi，Birhanu Eshete，Rigel Gjomemo，V.N. Ve ...

本书涉及面较广，但没有太多的干货。寸之深，亩之阔，适合作为科普读物快速阅读。 Ⅰ 基础知识 1 开启网络安全态势感知的旅程 （1）网络安全态势感知本质上就是获取并理解大量网络安全数据，判断当前整体安全状态并预测短期未来趋势。总体而言可分为三个阶段：态势提取、态势理解和态势预测，三个部分同步并行， ...

原文标题：UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats 原文作者：Xueyuan Han∗, Thomas Pasquiery, Adam Batesz, James Mickens∗ and M ...

原文标题：Model of the intrusion detection system based on the integration of spatial-temporal features 原文作者：Jianwu Zhang, Yu Ling, Xingbing Fu, Xiongkun Y ...

原文标题：An Intelligence-Driven Security-Aware Defense Mechanism for Advanced Persistent Threats 原文作者：Yuqing Li, Wenkuan Dai, Jie Bai, Xiaoying Gan, Membe ...

原文标题：Analysis of high volumes of network traffic for Advanced Persistent Threat detection 原文作者：Mirco Marchetti, Fabio Pierazzi∗, Michele Colajanni, Al ...

原文标题：Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking 原文作者：Yang Ji, Sangho Lee, Mattia Fazzini, Joey A ...

原文标题：SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data 原文作者：Md Nahid Hossain, Stony Brook University; Sadegh M. Milajerdi, Univers ...

原文标题：HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows 原文作者：Sadegh M. Milajerdi, Rigel Gjomemo, Birhanu Eshete, R. S ...