Proposed Approach for Targeted Attacks Detection
Authors | |
---|---|
Year of publication | 2016 |
Type | Article in Proceedings |
Conference | Advanced Computer and Communication Engineering Technology, Lecture Notes in Electrical Engineering |
MU Faculty or unit | |
Citation | |
Web | http://link.springer.com/chapter/10.1007%2F978-3-319-24584-3_7 |
Doi | http://dx.doi.org/10.1007/978-3-319-24584-3_7 |
Field | Informatics |
Keywords | Cyber attacks; targeted attacks; advanced persistent threat; malware; intrusion detection system. |
Attached files | |
Description | For years governments, organizations and companies have made great efforts to keep hackers, malware, cyber attacks at bay with different degrees of success. On the other hand, cyber criminals and miscreants produced more advanced techniques to compromise Internet infrastructure. Targeted attack or advanced persistent threat (APT) attack is a new challenge and aims to accomplish a specific goal, most often espionage. APTs are presently the biggest threat to governments and organizations. This paper states research questions and propose a novel approach to intrusion detection system processes network traffic and able to detect potential APT attack. This detection of APT attack is based on the correlation between the events which we get as outputs of our detection methods. Each detection method aims to detect one technique used in one of APT attack steps. |
Related projects: |