top of page
logo malizen cybersecurité

SHADEWATCHER Recommendation-guided Cyber Threat Analysis

Updated: Aug 22, 2023

We often talk about it and you already know it, recommendation systems are taking over the world! (you wish)


Today we are talking about SHADEWATCHER. It is a tool that uses the principles of collaborative recommender systems to perform attack detection.


This system uses data provenance analysis on audit records to search for anomalies or known attack patterns. It addresses limitations of existing approaches such as generating false alarms, relying on expert knowledge, and producing coarse-grained detection signals. SHADEWATCHER uses graph neural networks to improve detection effectiveness and is equipped with dynamic updates to better generalize to false alarms.


In the end, this tool is quite effective! The system was evaluated against real-life and simulated cyber-attack scenarios and showed high precision and recall rates and was able to identify threats from nearly a million system entity interactions within seconds.

So, does this tool have a good future for attack detection?


Commentaires


logo Malizen

Follow our adventures !

  • Discorde
  • X
  • LinkedIn

Subscribe to our newsletter

Be notified every time we have news !

Thanks for subscribing !

By subscribing, I agree to the General Terms of Use and Privacy Policy.

bottom of page