Author:
Cui Can, Yang Zhuorao, Cui Baojiang
Reference: 18 articles.
1. Backtracking intrusions
2. MITRE ATT&CK[OL]. https://attack.mitre.org/.
3. SLEUTH: Real-time attack scenario reconstruction from COTS audit data; Hossain, 2017
4. Poirot: Aligning attack behavior with kernel audit records for cyber threat hunting[C]; Milajerdi, 2019
5. Holmes: real-time APT detection through correlation of suspicious information flows; Milajerdi, 2019