Cross-Vendor Knowledge Transfer for Managed Security Services with Triplet Network
Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security, pp. 59-69, 2019.
Managed security services detect incidents, i.e., successful attacks such as malware infection, in real time from a large number of alerts based on vendors' and security operations center's (SOC's) detection rules. To immediately find incidents, professional analysts in a SOC prioritize alerts if their indicators, i.e., meta-information o...