[1] 彭祯方, 邢国强, 陈兴跃. 人工智能在网络安全领域的应用及技术综述[J]. 信息安全研究, 2022, 8(2): 110-116
[2] Pasquier T, Han X, Moyer T, et al. Runtime Analysis of Whole-System Provenance[C]// ACM Conference on Computer and Communications Security (CCS'18). New York: ACM, 2018:1601-1616
[3] Pasquier T, Han X, Moyer T, et al. Practical Whole-System Provenance Capture. Symposium on Cloud Computing[C]// Proceedings of the 2017 Symposium on Cloud Computing. New York: ACM, 2017:405-418
[4] Milajerdi S, Gjomemo R, Eshete B, et al. HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows [C]// 2019 IEEE Symposium on Security and Privacy (SP). Piscataway, NJ: IEEE, 2019: 1137-1152
[5] King S T, Chen P M. Backtracking intrusions[C]// Proceedings of the 19th ACM Symposium on Operating Systems Principles 2003. New York: ACM, 2003: 223-236
[6] Kwon Y, Wang F, Wang W, et al. MCI:Modeling-based Causality Inference in Audit Logging for Attack Investigation[C]// Network and Distributed System Security Symposium. Rosten, VA: ISOC 2018
[7] Kwon Y, Kim D, Sumner W N, et al. LDX: Causality Inference by Lightweight Dual Execution[C]// ACM SIGARCH Computer Architecture News 2016. New York: ACM 2016:503-515
[8] Hassan W U, Noureddine M A, Datta P, et al. OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis[C]// Network and Distributed System Security Symposium. Rosten, VA: ISOC 2020
[9] King S T, Mao Z M, Lucchetti D G, et al. Enriching intrusion alerts through multi-host causality[C]//Network & Distributed System Security Symposium. Rosten, VA: ISOC 2005.
[10] Haas S, Sommer R, Fischer M. zeek-osquery: Host-Network Correlation for Advanced Monitoring and Intrusion Detection[C]// ICT Systems Security and Privacy Protection. SEC 2020. IFIP Advances in Information and Communication Technology. Cham:Springer 2020
[11] Ji Y, Lee S, Fazzini, et al. Enabling refinable cross-host attack investigation with efficient data flow tagging and tracking[C]//In Proceedings of The 27th USENIX Security Symposium. Berkeley: USENIX Association 2018: 1705-1722
[12] Liu Y , Zhang M , Li D , et al. Towards a Timely Causality Analysis for Enterprise Security[C]// Network and Distributed System Security Symposium. Rosten, VA: ISOC 2018
[13] Hassan W U, Guo S, Li D, et al. NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage[C]// Network and Distributed System Security Symposium. Rosten, VA: ISOC 2019
[14] Milajerdi S M, Eshete B, Gjomemo R, et al. POIROT: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting[C]// ACM Conference on Computer and Communications Security (CCS'19). New York: ACM, 2019: 1795–1812
[15] Hassan W U, Bates A, Marino D. Tactical Provenance Analysis for Endpoint Detection and Response Systems[C]// 2020 IEEE Symposium on Security and Privacy (SP). Piscataway, NJ: IEEE, 2020:1172-1189
[16] Bordes A, Usunier N, Garcia-Duran A, et al. Translating Embeddings for Modeling Multi-relational Data[C]// Conference and Workshop on Neural Information Processing Systems. New York:Curran Associates Inc. 2013
[17] Yankai L, Zhiyuan L, Maosong S, et al. Learning Entity and Relation Embeddings with Entity Description for Knowledge Graph Completion[C]// Proceedings of the Twenty-Ninth AAAI Conference on Artificial Intelligence. Menlo Park: AAAI 2015:2181-2187
[18] Wang Z, Zhang J, Feng J, et al. Knowledge Graph Embedding by Translating on Hyperplanes[C]// Proceedings of the Twenty-Ninth AAAI Conference on Artificial Intelligence. Menlo Park: AAAI Press 2014:1112-1119
[19] Jain A K, Murty M N, Flynn P J. Data Clustering: A Review[J]. Acm Computing Surveys, 1999, 31(3): 264-323
[20] Eshete B, Gjomemo R, Hossain M N, et al. Attack Analysis Results for Adversarial Engagement 1 of the DARPA Transparent Computing Program[J]. arXiv preprint 2016
[21] Grover A , Leskovec J. node2vec: Scalable Feature Learning for Networks[C]// Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Ming. New York: ACM 2016:855-864
[22] Dong Y, Chawla N V, Swami A. metapath2vec: Scalable Representation Learning for Heterogeneous Networks [C]// Proceedings of the 23nd ACM SIGKDD International Conference on Knowledge Discovery and Data Ming. . New York: ACM 2017:125-144
|