xct's notes
xct's notes
Introduction
Red Team
Active Directory
Host Enum
Payloads
Passwords
Privilege Escalation
Evasion & Bypasses
Concepts & Research
Binary Exploitation
Web
Cloud
Mobile
Hardware
Crypto
Templates
Misc
Blue Team
Active Directory
Malware Analysis
SIEM
Misc
Keys & Signing
Language & Framwork Specifics
Misc
HackTheBox
Crossfit
Luanne
APT
Powered by GitBook

SIEM

Intrusion Detection Research

DeepLog

https://www.cs.utah.edu/~lifeifei/papers/deeplog.pdf

View log entries as elements of a sequence that follow certain patterns and grammar rules. A system log is produced by a program that follows a rigorous set of logic and control flows, and is very much like a natural language. DeepLog is a deep neural network that models this sequence of log entries using a Long Short-Term Memory (LSTM).

Ensemble-Based Online Machine Learning Algorithms for Network Intrusion Detection Systems Using Streaming Data

https://www.mdpi.com/2078-2489/11/6/315/pdf

Operates on streams of data, trained online or “live” on only a small amount of data kept in memory at a time, as opposed to the more classical approaches that are trained solely offline on all of the data at once. Each ensemble or stand-alone algorithm runs through a form of online supervised learning where each sample is tested and then trained on in sequence. Compares KNN/SVM/Hoeffding Adapative Trees/Adaptive Random Forests.

A Survey of Network-based Intrusion Detection Data Sets

https://arxiv.org/pdf/1903.02460.pdf

The paper identifies 15 different properties to assess the suitability of individual data sets for specific evaluation scenarios.

eXpose: A Character-Level Convolutional Neural Network with Embeddings For Detecting Malicious URLs, File Paths and Registry Keys

https://arxiv.org/pdf/1702.08568.pdf

Datasets

Blue Team - Previous
Malware Analysis
Next - Misc
Keys & Signing
Last updated 2 months ago
Contents
Intrusion Detection Research
Datasets