Cyber Threat Intelligence
Oct 14, 2019
Our focus is on systematic curation, characterization, measurement, and forensics of cyber threat intelligence (e.g., malware samples, infection traces, natural language threat descriptions).
Birhanu Eshete
Principal Investigator
Trustworthy machine learning, cybercrime analysis, and cyber threat intelligence.
Publications
Poirot: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting
Cyber threat intelligence (CTI) is being used to search for indicators of attacks that might have compromised an enterprise network for …
HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows
In this paper, we present a new approach for the detection of Advanced and Persistent Threats (APTs). Our approach is inspired by …
ProPatrol: Attack Investigation via Extracted High-Level Tasks
Kernel audit logs are a valuable source of information in the forensic investigation of a cyber attack. However, the coarse gran- …
SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data
We present an approach and system for real-time reconstruction of attack scenarios on an enterprise host. To meet the scalability and …