Tieming Chen
Doctor: Optimizing Container Rebuild Efficiency by Instruction Re-orchestration
Containerization has revolutionized software deployment, with Docker leading the way due to its ease of use and consistent runtime environment. As Docker usage grows, optimizing Dockerfile performance, particularly by reducing rebuild time…
APT Detection via Hypergraph Attention Network with Community-Based Behavioral Mining
Advanced Persistent Threats (APTs) challenge cybersecurity due to their stealthy, multi-stage nature. For the provenance graph based on fine-grained kernel logs, existing methods have difficulty distinguishing behavior boundaries and handl…
ActMiner: Applying Causality Tracking and Increment Aligning for Graph-based Cyber Threat Hunting
To defend against Advanced Persistent Threats on the endpoint, threat hunting employs security knowledge such as cyber threat intelligence to continuously analyze system audit logs through retrospective scanning, querying, or pattern match…
An Interpretable Network Intrusion Detection Model via Decision Tree Enhanced Deep Attention Network
Network intrusion detection (NID) plays a crucial role in cybersecurity by identifying network attacks from network traffic. In recent years, the deep learning technique has become a tendency for the NID problem. However, a major drawback …
ProvADShield: A Multimodel Ensemble Defender Against Adversarial Attacks on Provenance Graph Host Intrusion Detector
HID (host intrusion detection) is a security mechanism for detecting malicious activities performed in a host (e.g., a server, an edge device). Recent research has recast HID as a provenance graph learning problem thanks to the advancement…
METANOIA: A Lifelong Intrusion Detection and Investigation System for Mitigating Concept Drift
As Advanced Persistent Threat (APT) complexity increases, provenance data is increasingly used for detection. Anomaly-based systems are gaining attention due to their attack-knowledge-agnostic nature and ability to counter zero-day vulnera…
DEHYDRATOR: Enhancing Provenance Graph Storage via Hierarchical Encoding and Sequence Generation
As the scope and impact of cyber threats have expanded, analysts utilize audit logs to hunt threats and investigate attacks. The provenance graphs constructed from kernel logs are increasingly considered as an ideal data source due to thei…
TREC: APT Tactic / Technique Recognition via Few-Shot Provenance Subgraph Learning
APT (Advanced Persistent Threat) with the characteristics of persistence, stealth, and diversity is one of the greatest threats against cyber-infrastructure. As a countermeasure, existing studies leverage provenance graphs to capture th…
CRUcialG: Reconstruct Integrated Attack Scenario Graphs by Cyber Threat Intelligence Reports
Cyber Threat Intelligence (CTI) reports are factual records compiled by security analysts through their observations of threat events or their own practical experience with attacks. In order to utilize CTI reports for attack detection, exi…
MVD-HG: multigranularity smart contract vulnerability detection method based on heterogeneous graphs
Smart contracts have significant losses due to various types of vulnerabilities. However, traditional vulnerability detection methods rely extensively on expert rules, resulting in low detection accuracy and poor adaptability to novel atta…
Nip in the Bud: Forecasting and Interpreting Post-exploitation Attacks in Real-time through Cyber Threat Intelligence Reports
Advanced Persistent Threat (APT) attacks have caused significant damage worldwide. Various Endpoint Detection and Response (EDR) systems are deployed by enterprises to fight against potential threats. However, EDR suffers from high false p…
SPARSE: Semantic Tracking and Path Analysis for Attack Investigation in Real-time
As the complexity and destructiveness of Advanced Persistent Threat (APT) increase, there is a growing tendency to identify a series of actions undertaken to achieve the attacker's target, called attack investigation. Currently, analysts c…
HTTPSmell: A Deep Learning Approach on Malicious HTTP Traffic Detection via Data Augmentation and Label Refactoring
Anomaly detection is essential to ensuring system security and reliability. As one of the basic techniques in the cyberattack, the existing malicious traffic classification method has been facing diverse challenges such as insufficient sam…
Language Inclusion Checking of Timed Automata Based on Property Patterns
The language inclusion checking of timed automata is described as the following: given two timed automata M and N, where M is a system model and N is a specification model (which represents the properties that the system needs to satisfy),…
A Heterogeneous Graph Learning Model for Cyber-Attack Detection
A cyber-attack is a malicious attempt by experienced hackers to breach the target information system. Usually, the cyber-attacks are characterized as hybrid TTPs (Tactics, Techniques, and Procedures) and long-term adversarial behaviors, ma…
APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts
Advanced Persistent Threat (APT) attack usually refers to the form of long-term, covert and sustained attack on specific targets, with an adversary using advanced attack techniques to destroy the key facilities of an organization. APT atta…
Privacy-Aware Fuzzy Skyline Parking Recommendation Using Edge Traffic Facilities
Drivers have always been confronted with real-time parking difficulties when driving on urban roads, especially in crowded downtown or beauty spots. On the other hand, privacy leakage risks on users' private parking preferences and the sen…
A Payload Based Malicious HTTP Traffic Detection Method Using Transfer Semi-Supervised Learning
Malicious HTTP traffic detection plays an important role in web application security. Most existing work applies machine learning and deep learning techniques to build the malicious HTTP traffic detection model. However, they still suffer …
A Collaborative Deep and Shallow Semisupervised Learning Framework for Mobile App Classification
With the rapid growth of mobile Apps, it is necessary to classify the mobile Apps into predefined categories. However, there are two problems that make this task challenging. First, the name of a mobile App is usually short and ambiguous t…
DroidVecDeep: Android Malware Detection Based on Word2Vec and Deep Belief Network
With the proliferation of Android malicious applications, malware becomes more capable of hiding or confusing its malicious intent through the use of code obfuscation, which has significantly weakened the effectiveness of the conventiona…
TinyDroid: A Lightweight and Efficient Model for Android Malware Detection and Classification
With the popularity of Android applications, Android malware has an exponential growth trend. In order to detect Android malware effectively, this paper proposes a novel lightweight static detection model, TinyDroid, using instruction sim…
From Wireless Sensor Networks to Wireless Body Area Networks: Formal Modeling and Verification on Security Using PAT
Model checking has successfully been applied to the verification of security protocols, but the modeling process is always tedious and proficient knowledge of formal methods is also needed, although the final verification could be automatic depe…
Formalizing and verifying stochastic system architectures using Monterey Phoenix (SoSyM abstract)
The analysis of software architecture plays an important role in understanding system structures and facilitates proper implementation of user requirements. Despite its importance in software engineering practice, the lack of formal…