research
∙
08/28/2023
AI ATAC 1: An Evaluation of Prominent Commercial Malware Detectors
This work presents an evaluation of six prominent commercial endpoint ma...
share
research
∙
08/12/2022
Testing SOAR Tools in Use
Modern security operation centers (SOCs) rely on operators and a tapestr...
research
∙
01/20/2022
Assembling a Cyber Range to Evaluate Artificial Intelligence / Machine Learning (AI/ML) Security Tools
In this case study, we describe the design and assembly of a cyber secur...
research
∙
01/07/2022
Detecting CAN Masquerade Attacks with Signal Clustering Similarity
Vehicular Controller Area Networks (CANs) are susceptible to cyber attac...
research
∙
11/30/2021
A Mathematical Framework for Evaluation of SOAR Tools with Limited Survey Data
Security operation centers (SOCs) all over the world are tasked with rea...
research
∙
05/13/2021
What Clinical Trials Can Teach Us about the Development of More Resilient AI for Cybersecurity
Policy-mandated, rigorously administered scientific testing is needed to...
research
∙
01/14/2021
Time-Based CAN Intrusion Detection Benchmark
Modern vehicles are complex cyber-physical systems made of hundreds of e...
research
∙
12/29/2020
ROAD: The Real ORNL Automotive Dynamometer Controller Area Network Intrusion Detection Dataset (with a comprehensive CAN IDS dataset survey guide)
The Controller Area Network (CAN) protocol is ubiquitous in modern vehic...
research
∙
12/16/2020
Beyond the Hype: A Real-World Evaluation of the Impact and Cost of Machine Learning–Based Malware Detection
There is a lack of scientific testing of commercially available malware ...
research
∙
06/09/2020
CAN-D: A Modular Four-Step Pipeline for Comprehensively Decoding Controller Area Network Data
CANs are a broadcast protocol for real-time communication of critical ve...
research
∙
10/15/2019
Automated Ransomware Behavior Analysis: Pattern Extraction and Early Detection
Security operation centers (SOCs) typically use a variety of tools to co...
research
∙
04/30/2019
Active Manifolds: A non-linear analogue to Active Subspaces
We present an approach to analyze C^1(R^m) functions that addresses limi...
research
∙
01/31/2019
A Holistic Approach to Evaluating Cyber Security Defensive Capabilities
Metrics and frameworks to quantifiably assess security measures have ari...
research
∙
12/30/2018
Towards a CAN IDS based on a neural-network data field predictor
Modern vehicles contain a few controller area networks (CANs), which all...
research
∙
12/07/2018
How do information security workers use host data? A summary of interviews with security analysts
Modern security operations centers (SOCs) employ a variety of tools for ...
research
∙
11/19/2018
ACTT: Automotive CAN Tokenization and Translation
Modern vehicles contain scores of Electrical Control Units (ECUs) that b...
research
∙
11/01/2018
Defining a Metric Space of Host Logs and Operational Use Cases
Host logs, in particular, Windows Event Logs, are a valuable source of i...
research
∙
08/28/2018
Exploiting the Shape of CAN Data for In-Vehicle Intrusion Detection
Modern vehicles rely on scores of electronic control units (ECUs) broadc...
research
∙
05/24/2018
Forming IDEAS Interactive Data Exploration & Analysis System
Modern cyber security operations collect an enormous amount of logging a...
research
∙
05/16/2018
A Survey of Intrusion Detection Systems Leveraging Host Data
This survey focuses on intrusion detection systems (IDS) that leverage h...
research
∙
02/07/2018
Dimension Reduction Using Active Manifolds
Scientists and engineers rely on accurate mathematical models to quantif...
research
∙
10/25/2017
Setting the threshold for high throughput detectors: A mathematical approach for ensembles of dynamic, heterogeneous, probabilistic anomaly detectors
Anomaly detection (AD) has garnered ample attention in security research...
research
∙
02/02/2016
GraphPrints: Towards a Graph Analytic Method for Network Anomaly Detection
This paper introduces a novel graph-analytic approach for detecting anom...
research
∙
04/16/2015
Towards a relation extraction framework for cyber-security concepts
In order to assist security analysts in obtaining information pertaining...
research
∙
10/16/2014