TBDetector: Transformer-Based Detector for Advanced Persistent Threats with Provenance Graph. (arXiv:2304.02838v1 [cs.CR])
cs.CR updates on arXiv.org
Advanced Persistent Threats (APTs) are difficult to detect due to their
long-term latency and covert, slow, multistage attack patterns. To tackle
these issues, we propose TBDetector, a transformer-based advanced persistent
threat detection method for APT attack detection. Considering that provenance
graphs provide rich historical information and have a powerful ability to
correlate historical attacks in order to identify anomalous activities, TBDetector
employs provenance analysis for APT detection, which summarizes long-running
system execution with space efficiency and utilizes a transformer with
self-attention …