We address the problems of identifying malware in network telemetry logs and providing indicators of compromise – comprehensible explanations of behavioral patterns that identify the threat. In our system, an array of specialized detectors abstracts network-flow data into comprehensible network events in a first step. We develop a neural network that processes this sequence of events and identifies specific threats, malware families and broad categories of malware. We then use the

arXiv:2106.12328v1 fatcat:go4odftttna4veyaqklyccukji