ArXivCSExplorer
☆☆Bookmarks🏆RSSHow to UseFAQ
Built with and by Teycir Ben Soltane•
How to Use•FAQ•GitHub•arXiv.org•
Share:

~ similar to 2604.08739v1· 20 results

cs.CRRecentMay 23, 2026

Analyzing Concentration, Temporal Routines and Targeting in Public Ransomware Leak Site Data

Lea Müller, York Yannikos

By analyzing over 27,000 posts from 325 public ransomware leak sites, this paper demonstrates that ransomware groups exhibit non-random, predictable operational regularities concerning victim concentr…

View →
cs.CRRecentApr 19, 2026

Explainable Attention-Based LSTM Framework for Early Detection of AI-Assisted Ransomware via File System Behavioral Analysis

Prabhudarshi Nayak, Gogulakrishnan Thiyagarajan, Debashree Priyadarshini, Vinay Bist +1 more

The paper proposes an explainable attention-based LSTM framework to achieve early and reliable detection of advanced, AI-assisted ransomware by analyzing file system behavioral sequences.

View →
cs.CRRecentApr 22, 2026

TL-RL-FusionNet: An Adaptive and Efficient Reinforcement Learning-Driven Transfer Learning Framework for Detecting Evolving Ransomware Threats

Jannatul Ferdous, Rafiqul Islam, Arash Mahboubi, Md Zahidul Islam

TL-RL-FusionNet is a novel reinforcement learning-guided framework that enhances ransomware detection by adaptively focusing on complex, evolving threats, achieving high accuracy and superior efficien…

View →
cs.CRRecentApr 18, 2026

Privacy-Aware Machine Unlearning with SISA for Reinforcement Learning-Based Ransomware Detection

Jannatul Ferdous, Rafiqul Islam, Md Zahidul Islam

The paper proposes a privacy-aware machine unlearning framework using SISA training to efficiently remove the influence of specific training data from RL-based ransomware detectors with minimal perfor…

View →
cs.CRRecentMay 13, 2026

Memory Forensics Techniques for Automated Detection and Analysis of Go Malware

Hala Ali, Andrew Case, Irfan Ahmed

The paper introduces a novel memory forensics framework to perform runtime analysis of Go malware, successfully recovering critical execution state and artifacts that are invisible to traditional stat…

View →
cs.CRRecentApr 27, 2026

Detecting Avalanche Effect in Adversarial Settings: Spotting the Encryption Loops in Ransomware

Nanqing Luo, Xusheng Li, Haizhou Wang, Shuangyi Zhu +2 more

The paper introduces a novel record-and-replay detection mechanism to accurately detect the true avalanche effect in ransomware, achieving high accuracy against real-world samples.

View →
cs.CRcs.LGRecentApr 30, 2026

Trident: Improving Malware Detection with LLMs and Behavioral Features

Rebecca Saul, Jingzhi Jiang, Elliott Chia, David Wagner

The paper introduces Trident, a novel malware detection system that combines static features, LLM-derived behavioral rules, and direct LLM analysis to achieve superior robustness against concept drift…

View →
cs.CRcs.LGRecentApr 26, 2026

SeqShield: A Behavioral Analysis Approach to Uncover Rootkits

Paras Ghodeshwar, Sandeep K Shukla, Anand Handa, Nitesh Kumar

SeqShield proposes a behavior-based rootkit detection system for Windows by analyzing API call sequences using n-gram features, achieving high detection accuracy even against mutated malware variants.

View →
cs.CRRecentMay 15, 2026

STRIKE: A Structured Taxonomy of Cybercrime for Risk, Impact, Knowledge, and Evolution

Melissa Pappy, Linh Nguyen, Suman Kumar, Byungkwan Jung +1 more

The paper introduces STRIKE, a multi-dimensional structured taxonomy designed to provide a comprehensive and unified framework for classifying the rapidly evolving complexity of modern cybercrimes.

View →
cs.CRcs.SERecentApr 28, 2026

GenDetect: Generalizing Reactive Detection for Resilience Against Imitative DeFi Attack Cascade

Bowen Cai, Weiheng Bai, Youshui Lu, Haoran Xu +3 more

GenDetect introduces a novel framework to rapidly generalize detection rules from single observed DeFi exploits, significantly improving resilience against subsequent, similar 'Imitative Attack Cascad…

View →
cs.CRRecentApr 3, 2026

ML Defender (aRGus NDR): An Open-Source Embedded ML NIDS for Botnet and Anomalous Traffic Detection in Resource-Constrained Organizations

Alonso Isidoro Román

ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…

View →
cs.CRcs.LGRecentApr 29, 2026

eDySec: A Deep Learning-based Explainable Dynamic Analysis Framework for Detecting Malicious Packages in PyPI Ecosystem

Sk Tanzir Mehedi, Raja Jurdak, Chadni Islam, Abu Bakar Siddique Mahi +1 more

eDySec introduces a deep learning framework for dynamic behavioral analysis that significantly improves the detection of malicious software packages in the PyPI ecosystem by enhancing stability and ex…

View →
cs.CRRecentMay 15, 2026

MalwarePT: A Binary-Level Foundation Model for Malware Analysis

Saastha Vasan, Yuzhou Nie, Kaie Chen, Yigitcan Kaya +5 more

MalwarePT introduces a novel binary-level foundation model, pretrained on Windows PE code-section bytes using a ModernBERT-style encoder, demonstrating superior transfer learning capabilities across v…

View →
cs.CRcs.AIcs.LGRecentMay 11, 2026

MambaNetBurst: Direct Byte-level Network Traffic Classification without Tokenization or Pretraining

Gayan K. Kulatilleke, Siamak Layeghy, Mahsa Baktashmotlagh, Marius Portmann

MambaNetBurst introduces a compact, tokenizer-free byte-level classifier using a Mamba-2 backbone to achieve strong network traffic classification without requiring pre-training or complex data prepro…

View →
cs.CRRecentMay 2, 2026

Trace: Unmasking AI Attack Agents Through Terminal Behavior Fingerprinting

Murali Ediga, Sudipta Chattopadhyay

The paper introduces Trace, a forensic framework that fingerprints the model family of autonomous AI attack agents using terminal behavior, enabling subsequent prompt injection to extract system promp…

View →
cs.CRRecentMay 28, 2026

HunterAgent: Neuro-Symbolic Attack Trace Reconstruction under Anti-Forensics

Guangze Zhao, Yongzheng Zhang, Weilin Gai, Hongri Liu +2 more

HunterAgent is a neuro-symbolic framework that reconstructs causal attack chains from fragmented, anti-forensics-corrupted logs, achieving high accuracy while drastically reducing hallucination.

View →
cs.CRcs.AIcs.DCRecentApr 5, 2026

Automating Cloud Security and Forensics Through a Secure-by-Design Generative AI Framework

Dalal Alharthi, Ivan Roberto Kawaminami Garcia

The paper proposes a secure-by-design Generative AI framework that integrates PromptShield for LLM security and CIAF for structured cloud forensic investigation, significantly improving both robustnes…

View →
cs.CRRecentMar 17, 2026

SynthChain: A Synthetic Benchmark and Forensic Analysis of Advanced and Stealthy Software Supply Chain Attacks

Zhuoran Tan, Wenbo Guo, Taylor Brierley, Jiewen Luo +2 more

The paper introduces SynthChain, a comprehensive, multi-source synthetic testbed and dataset that demonstrates that detecting advanced software supply chain attacks requires fusing evidence from multi…

View →
cs.CRRecentMay 7, 2026

Beyond Collection: Measuring the Detection Efficacy of Modern Security Logging Standards

Ryan Holeman, John Hastings, Varghese Mathew Vaidyan

This paper systematically evaluates modern security logging standards (CIM, OCSF, ECS) using a novel framework to quantify their detection efficacy across diverse exploit scenarios, revealing critical…

View →
cs.CRcs.CLcs.LGRecentMay 27, 2026

Code as a Weapon: A Consensus-Labeled Prompt Bank for Measuring Coding-Model Compliance with Malicious-Code Requests

Richard J. Young, Gregory D. Moody

The paper introduces a large, consensus-labeled prompt bank that reliably distinguishes between requests for executable malicious code and requests for harmful security knowledge, providing a standard…

View →