top of page

SHADEWATCHER Recommendation-guided Cyber Threat Analysis

We often talk about it and you already know it, recommendation systems are taking over the world! (you wish)


Today we are talking about SHADEWATCHER. It is a tool that uses the principles of collaborative recommender systems to perform attack detection.


This system uses data provenance analysis on audit records to search for anomalies or known attack patterns. It addresses limitations of existing approaches such as generating false alarms, relying on expert knowledge, and producing coarse-grained detection signals. SHADEWATCHER uses graph neural networks to improve detection effectiveness and is equipped with dynamic updates to better generalize to false alarms.


In the end, this tool is quite effective! The system was evaluated against real-life and simulated cyber-attack scenarios and showed high precision and recall rates and was able to identify threats from nearly a million system entity interactions within seconds.

So, does this tool have a good future for attack detection?


https://jun-zeng.github.io/file/shadewatcher_paper.pdf

Recent Posts

See All

Today, as the use of digital technology increases, so does the risk of threat. Traditionally, cyber security has focused on understanding and resolving alerts. But a fine-grained understanding of curr

Malizen cybersecurity operations france

Follow our adventures !

  • Discorde
  • Gazouillement
  • Linkedin

Subscribe to our newsletter

Be notified every time we have news!

Thanks for subscribing !

By subscribing, I agree to the Terms of Use and Privacy Policy.

bottom of page