Attack Pattern

Attack pattern research focuses on identifying and classifying recurring malicious actions in various cyber environments, aiming to improve threat detection and response. Current research heavily utilizes machine learning, employing models like convolutional neural networks, graph neural networks, and one-class SVMs, often enhanced by techniques such as self-attention and ensemble methods, to analyze diverse data sources including network traffic, system logs, and threat intelligence reports. This work is crucial for enhancing cybersecurity defenses, enabling more effective intrusion detection systems, web application firewalls, and proactive threat mitigation strategies. The development of automated tools for attack pattern analysis, such as those leveraging large language models, is a significant area of advancement.

Papers

September 1, 2024

A Novel Self-Attention-Enabled Weighted Ensemble-Based Convolutional Neural Network Framework for Distributed Denial of Service Attack Classification
Kanthimathi S, Shravan Venkatraman, Jayasankar K S, Pranay Jiljith T, Jashwanth R
Convolutional Neural Network Long Form Novel Distributed Denial of Service Attack Pattern CNN Framework

August 10, 2024

Detecting Masquerade Attacks in Controller Area Networks Using Graph Machine Learning
William Marfo, Pablo Moriano, Deepak K. Tosh, Shirley V. Moore
Intrusion Detection Graph Machine Learning Attack Pattern Controller Area Network Masquerade Attack

July 26, 2024

Capturing the security expert knowledge in feature selection for web application attack detection
Amanda Riverol, Gustavo Betarte, Rodrigo Martínez, Álvaro Pardo
Feature Selection Mutual Information Attack Pattern Expert Driven Cybersecurity Instruction Web Attack Web Application Firewall

July 20, 2024

Operationalizing a Threat Model for Red-Teaming Large Language Models (LLMs)
Apurv Verma, Satyapriya Krishna, Sebastian Gehrmann, Madhavan Seshadri, Anu Pradhan, Tom Ault, Leslie Barrett, David Rabinowitz, John Doucette, NhatHai Phan
Large Language Model Medical LLM Red Teaming Threat Model Attack Pattern

July 5, 2024

Hybrid Machine Learning Approach For Real-Time Malicious Url Detection Using Som-Rmo And Rbfn With Tabu Search Optimization
Swetha T, Seshaiah M, Hemalatha KL, ManjunathaKumar BH, Murthy SVN
Radial Basis Function Self Organizing Map Hybrid Machine Learning Attack Pattern Uniform Resource Locator Url Detection Tabu Search

June 19, 2024

ModSec-Learn: Boosting ModSecurity with Machine Learning
Christian Scano, Giuseppe Floris, Biagio Montaruli, Luca Demetrio, Andrea Valenza, Luca Compagna, Davide Ariu, Luca Piras, Davide Balzarotti, Battista Biggio
Machine Learning Attack Pattern Web Attack Web Application Firewall

March 17, 2024

usfAD Based Effective Unknown Attack Detection Focused IDS Framework
Md. Ashraf Uddin, Sunil Aryal, Mohamed Reda Bouadjenek, Muna Al-Hawawreh, Md. Alamin Talukder
Intrusion Detection Pseudo Victim AttackER Attack Pattern Unknown Attack

January 3, 2024

Mining Temporal Attack Patterns from Cyberthreat Intelligence Reports
Md Rayhanur Rahman, Brandon Wroblewski, Quinn Matthews, Brantley Morgan, Tim Menzies, Laurie Williams
Cyber Attack Attack Pattern Cyberthreat Intelligence

August 9, 2023

Adversarial ModSecurity: Countering Adversarial SQL Injections with Robust Machine Learning
Biagio Montaruli, Luca Demetrio, Andrea Valenza, Luca Compagna, Davide Ariu, Luca Piras, Davide Balzarotti, Battista Biggio
Adversarial Attack Adversarial Robustness QuEry Based Attack Attack Pattern Web Application Firewall

July 17, 2023

December 28, 2022

HeATed Alert Triage (HeAT): Transferrable Learning to Extract Multistage Attack Campaigns
Stephen Moskal, Shanchieh Jay Yang
Cyber Attack Penetration Testing Novel Attack Attack Pattern Model Transfer Alert Triage

November 10, 2022

Zebra: Deeply Integrating System-Level Provenance Search and Tracking for Efficient Attack Investigation
Xinyu Yang, Haoyuan Liu, Ziyu Wang, Peng Gao
Web Tracking Data Provenance Novel Attack Attack Pattern

November 1, 2022

Looking Beyond IoCs: Automatically Extracting Attack Patterns from External CTI
Md Tanvirul Alam, Dipkamal Bhusal, Youngja Park, Nidhi Rastogi
Threat Intelligence Attack Pattern Textual Attack Cyberthreat Intelligence

December 8, 2021

Towards automation of threat modeling based on a semantic model of attack patterns and weaknesses
Andrei Brazhuk
Top Level Ontology Knowledge Base Decomposed Automation Correction Threat Model Semantic Model Physical Weakness Attack Pattern

Attack Pattern

Papers

A Novel Self-Attention-Enabled Weighted Ensemble-Based Convolutional Neural Network Framework for Distributed Denial of Service Attack Classification

Detecting Masquerade Attacks in Controller Area Networks Using Graph Machine Learning

Capturing the security expert knowledge in feature selection for web application attack detection

Operationalizing a Threat Model for Red-Teaming Large Language Models (LLMs)

Hybrid Machine Learning Approach For Real-Time Malicious Url Detection Using Som-Rmo And Rbfn With Tabu Search Optimization

ModSec-Learn: Boosting ModSecurity with Machine Learning

usfAD Based Effective Unknown Attack Detection Focused IDS Framework

Mining Temporal Attack Patterns from Cyberthreat Intelligence Reports

Adversarial ModSecurity: Countering Adversarial SQL Injections with Robust Machine Learning

A Machine Learning based Empirical Evaluation of Cyber Threat Actors High Level Attack Patterns over Low level Attack Patterns in Attributing Attacks

LogPr\'ecis: Unleashing Language Models for Automated Malicious Log Analysis

HeATed Alert Triage (HeAT): Transferrable Learning to Extract Multistage Attack Campaigns

Zebra: Deeply Integrating System-Level Provenance Search and Tracking for Efficient Attack Investigation

Looking Beyond IoCs: Automatically Extracting Attack Patterns from External CTI

Towards automation of threat modeling based on a semantic model of attack patterns and weaknesses