4 matches found
Failing Open
Overview: Affected versions of this package are vulnerable to Failing Open in plugin installation, when signature verification is required, but the .prov file is missing. An attacker can execute arbitrary code by providing a malicious plugin archive that omits provenance data, thereby bypassing...
Learning the APT Kill Chain: Temporal Reasoning over Provenance Data for Attack Stage Estimation
Advanced Persistent Threats (APTs) evolve through multiple stages, each exhibiting distinct temporal and structural behaviors. Accurate stage estimation is critical for enabling adaptive cyber defense. This paper presents StageFinder, a temporal graph learning framework for multi-stage attack...
MirGuard: Towards a Robust Provenance-Based Intrusion Detection System against Graph Manipulation Attacks
Learning-based Provenance-based Intrusion Detection Systems (PIDSes) have become essential tools for anomaly detection in host systems due to their ability to capture rich contextual and structural information, as well as their potential to detect unknown attacks. However, recent studies have shown...
StealthInk: a Multi-Bit and Stealthy Watermark for Large Language Models
Watermarking for large language models (LLMs) offers a promising approach to identifying AI-generated text. Existing approaches, however, either compromise the distribution of original generated text by LLMs or are limited to embedding zero-bit information that only allows for watermark detection b...