6 matches found
NLLog: Lightweight, Explainable SOC Anomaly Detection Via Log-To-Language Rewriting
System-generated logs underpin security monitoring, yet their rigid template-based format hinders both automated analysis and human comprehension. We present NLLog Natural-Language Log, a lightweight pipeline that deterministically rewrites parsed templates into WHO-WHAT-SEVERITY sentences, pools...
Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach
The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...
Automated Malware Family Classification Using Weighted Hierarchical Ensembles of Large Language Models
Malware family classification remains a challenging task in automated malware analysis, particularly in real-world settings characterized by obfuscation, packing, and rapidly evolving threats. Existing machine learning and deep learning approaches typically depend on labeled datasets, handcrafted...
Empirical Evaluation of SMOTE in Android Malware Detection with Machine Learning: Challenges and Performance in CICMalDroid 2020
Malware, malicious software designed to damage computer systems and perpetrate scams, is proliferating at an alarming rate, with thousands of new threats emerging daily. Android devices, prevalent in smartphones, smartwatches, tablets, and IoTs, represent a vast attack surface, making malware...
Binary and Multiclass Cyberattack Classification on GeNIS Dataset
The integration of Artificial Intelligence AI in Network Intrusion Detection Systems NIDS is a promising approach to tackle the increasing sophistication of cyberattacks. However, since Machine Learning ML and Deep Learning DL models rely heavily on the quality of their training data, the lack of...
MISLEADER: Defending against Model Extraction with Ensembles of Distilled Models
Model extraction attacks aim to replicate the functionality of a black-box model through query access, threatening the intellectual property IP of machine-learning-as-a-service MLaaS providers. Defending against such attacks is challenging, as it must balance efficiency, robustness, and utility...