Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense

Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers SOCs that must configure endpoint detection and response EDR policies under adversarial...

SoK: Harmonizing Attack Graphs and Intrusion Detection Systems

Detecting and responding to cyber attacks is increasingly difficult as high-volume, complex network traffic allows threats to remain concealed. While Intrusion Detection Systems IDSs identify anomalous behavior, Attack Graphs AGs serve as the primary threat model for analyzing attacker strategies...

Cybersecurity AI: A Game-Theoretic AI for Guiding Attack and Defense

AI-driven penetration testing now executes thousands of actions per hour but still lacks the strategic intuition humans apply in competitive security. To build cybersecurity superintelligence --Cybersecurity AI exceeding best human capability-such strategic intuition must be embedded into agentic...

SCyTAG: Scalable Cyber-Twin for Threat-Assessment Based on Attack Graphs

Understanding the risks associated with an enterprise environment is the first step toward improving its security. Organizations employ various methods to assess and prioritize the risks identified in cyber threat intelligence CTI reports that may be relevant to their operations. Some methodologi...

Finding Software Supply Chain Attack Paths with Logical Attack Graphs

Cyberattacks are becoming increasingly frequent and sophisticated, often exploiting the software supply chain SSC as an attack vector. Attack graphs provide a detailed representation of the sequence of events and vulnerabilities that could lead to a successful security breach in a system. MulVal ...

GNN-Enhanced Traffic Anomaly Detection for Next-Generation SDN-Enabled Consumer Electronics

Consumer electronics CE connected to the Internet of Things are susceptible to various attacks, including DDoS and web-based threats, which can compromise their functionality and facilitate remote hijacking. These vulnerabilities allow attackers to exploit CE for broader system attacks while...

Attack Graph Generation on HPC Clusters

Attack graphs AGs are graphical tools to analyze the security of computer networks. By connecting the exploitation of individual vulnerabilities, AGs expose possible multi-step attacks against target networks, allowing system administrators to take preventive measures to enhance their network's...

ATAG: AI-Agent Application Threat Assessment with Attack Graphs

Evaluating the security of multi-agent systems MASs powered by large language models LLMs is challenging, primarily because of the systems' complex internal dynamics and the evolving nature of LLM vulnerabilities. Traditional attack graph AG methods often lack the specific capabilities to model...

Outsmarting Cyber Threats with Attack Graphs

Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach that provides real-time insights into how attackers...