Expert knowledge and data analysis for detecting advanced persistent threats

Cited by: 9
Authors
Ramon Moya, Juan [1 ]
DeCastro-Garcia, Noemi [2 ]
Fernandez-Diaz, Ramon-Angel [1 ]
Lorenzana Tamargo, Jorge [2 ]
Affiliations
[1] Univ Leon, Dept Ingn Mecan Informat & Aeroespacial, Campus Vegazana, E-24071 Leon, Spain
[2] Univ Leon, Res Inst Appl Sci & Cybersecur Modulo Invest Cibe, Campus Vegazana, E-24071 Leon, Spain
Source
OPEN MATHEMATICS | 2017 / Vol. 15
Keywords
Advanced persistent threat; Cybersecurity; Data mining; Expert knowledge;
DOI
10.1515/math-2017-0094
Chinese Library Classification
O1 [Mathematics];
Discipline classification code
0701 ; 070101 ;
Abstract
Critical Infrastructures in public administration could be compromised by Advanced Persistent Threats (APT), which today constitute one of the most sophisticated ways of stealing information. This paper presents an effective, learning-based tool that uses inductive techniques to analyze the information provided by firewall log files in an IT infrastructure and to detect suspicious activity in order to mark it as a potential APT. The experiments were carried out by mixing real and synthetic data traffic to represent different proportions of normal and anomalous activity.
Pages: 1108 / 1122
Page count: 15
Related papers
50 in total
  • [1] Systems for Detecting Advanced Persistent Threats a Development Roadmap using Intelligent Data Analysis
    de Vries, Johannes
    Hoogstraaten, Hans
    van den Berg, Jan
    Daskapan, Semir
    [J]. 2012 ASE INTERNATIONAL CONFERENCE ON CYBER SECURITY (CYBERSECURITY), 2012, : 54 - 61
  • [2] A novel approach for detecting advanced persistent threats
    Al-Saraireh, Jaafer
    Masarweh, Ala'
    [J]. EGYPTIAN INFORMATICS JOURNAL, 2022, 23 (04) : 45 - 55
  • [3] APTHunter: Detecting Advanced Persistent Threats in Early Stages
    Mahmoud, Moustafa
    Mannan, Mohammad
    Youssef, Amr
    [J]. DIGITAL THREATS: RESEARCH AND PRACTICE, 2023, 4 (01):
  • [4] A Cyber Kill Chain Approach for Detecting Advanced Persistent Threats
    Ahmed, Yussuf
    Asyhari, A. Taufiq
    Rahman, Md Arafatur
    [J]. CMC-COMPUTERS MATERIALS & CONTINUA, 2021, 67 (02): : 2497 - 2513
  • [5] The Use of Machine Learning Algorithms for Detecting Advanced Persistent Threats
    Eke, Hope Nkiruka
    Petrovski, Andrei
    Ahriz, Hatem
    [J]. PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS (SIN'19), 2019,
  • [6] Flow Based Analysis of Advanced Persistent Threats Detecting Targeted Attacks in Cloud Computing
    Vance, Andrew
    [J]. 2014 FIRST INTERNATIONAL SCIENTIFIC-PRACTICAL CONFERENCE PROBLEMS OF INFOCOMMUNICATIONS SCIENCE AND TECHNOLOGY (PIC S&T), 2014, : 173 - 176
  • [7] Defense Against Advanced Persistent Threats with Expert System for Internet of Things
    Hu, Qing
    Lv, Shichao
    Shi, Zhiqiang
    Sun, Limin
    Xiao, Liang
    [J]. WIRELESS ALGORITHMS, SYSTEMS, AND APPLICATIONS, WASA 2017, 2017, 10251 : 326 - 337
  • [8] Big knowledge-based semantic correlation for detecting slow and low-level advanced persistent threats
    Amir Mohammadzade Lajevardi
    Morteza Amini
    [J]. Journal of Big Data, 8
  • [9] Big knowledge-based semantic correlation for detecting slow and low-level advanced persistent threats
    Lajevardi, Amir Mohammadzade
    Amini, Morteza
    [J]. JOURNAL OF BIG DATA, 2021, 8 (01)
  • [10] Surviving Advanced Persistent Threats - a Framework and Analysis
    Mehresh, Ruchika
    Upadhyaya, Shambhu
    [J]. PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON CYBER WARFARE AND SECURITY (ICCWS-2015), 2015, : 445 - 454