Warning-Graph: An Early Warning Framework for APT Attacks Based on Threat Intelligence Modeling

Advanced Persistent Threats (APTs, which are long-term targeted attacks by sophisticated adversaries) are becoming harder to detect early. This paper introduces Warning-Graph, a framework that uses threat intelligence modeling (analyzing data about known attack patterns and infrastructure) to identify ongoing APT attacks by examining IoCs (indicators of compromise, or digital clues that show an attack happened) without needing lots of labeled training data. The framework uses graph-based machine learning techniques to improve detection accuracy by 3-5 percentage points compared to existing methods.