Advanced Persistent Threat Detection and Defence (APT)

Advanced Persistent Threats ◽

Sophisticated Version ◽

The Web ◽

Cyber Criminals

as the growth and popularity of technology has become simultaneous ascend in both impacts and numbers of cyber criminals thanks to the web. For many years, the organization has strived in ways of preventing any attacks from cyber-criminal with advanced techniques. Cybercriminals and intruders are developing a more advanced way to breach the security surface of an organization. Advanced Persistent Threats are also known as APT are new and a lot more sophisticated version for multistep attack scenarios that are known and are targeted just to achieve a goal most commonly undercover activities. this report, there will cover everything I know that tells us about APT with more word and brief explanations

A spatial-temporal correlation based method for advanced persistent threat detection

Journal of Physics Conference Series ◽

10.1088/1742-6596/2113/1/012037 ◽

2021 ◽

Vol 2113 (1) ◽

pp. 012037

Author(s):

Luoli Wang

Keyword(s):

Short Term Memory ◽

Temporal Correlation ◽

Attack Detection ◽

Threat Detection ◽

Cyber Attack ◽

Network Attack ◽

Advanced Persistent Threats ◽

New Type ◽

Temporal Dimensions

Abstract Advanced Persistent Threats (APT) have caused severe damage to the core information infrastructure of many governments and organizations. APT attacks usually remain low and slow which makes them difficult to be detected. In this case, the way of correlatively analyzing massive logs generated by various security devices for effectively detecting the new type of cyber threat turns out to be more and more significant. In this paper, on the basis of analyzing the principles and characteristics of APT, we propose an intelligent threat detection method based on the expanded Cyber Attack Chain (CAC) model and the long short-term memory network (LSTM) autoencoder to extensively correlate malicious behaviors from spatial and temporal dimensions, which provides a brain new idea for the application and practice of complex network attack detection.

Advanced Persistent Threat Detection: A Survey

2021 3rd International Cyber Resilience Conference (CRC) ◽

10.1109/crc50527.2021.9392626 ◽

2021 ◽

Author(s):

Adam Khalid ◽

Anazida Zainal ◽

Mohd Aizaini Maarof ◽

Fuad A. Ghaleb

Keyword(s):

Threat Detection ◽

Deploying Semantic Web Technologies for Information Fusion of Terrorism-related Content and Threat Detection on the Web

IEEE/WIC/ACM International Conference on Web Intelligence on - WI '19 Companion ◽

10.1145/3358695.3360896 ◽

2019 ◽

Cited By ~ 1

Author(s):

Panagiotis Mitzias ◽

Ioannis Kompatsiaris ◽

Efstratios Kontopoulos ◽

James Staite ◽

Tony Day ◽

...

Keyword(s):

Semantic Web ◽

Information Fusion ◽

Threat Detection ◽

Semantic Web Technologies ◽

Web Technologies ◽

The Web

The Big Four - What We Did Wrong in Advanced Persistent Threat Detection?

2013 International Conference on Availability, Reliability and Security ◽

10.1109/ares.2013.32 ◽

2013 ◽

Cited By ~ 68

Author(s):

Nikos Virvilis ◽

Dimitris Gritzalis

Keyword(s):

Threat Detection ◽

Big Four

Evolving Advanced Persistent Threat Detection using Provenance Graph and Metric Learning

2020 IEEE Conference on Communications and Network Security (CNS) ◽

10.1109/cns48642.2020.9162264 ◽

2020 ◽

Author(s):

Gbadebo Ayoade ◽

Khandakar Ashrafi Akbar ◽

Pracheta Sahoo ◽

Yang Gao ◽

Anmol Agarwal ◽

...

Keyword(s):

Metric Learning ◽

Threat Detection ◽

Analysis of high volumes of network traffic for Advanced Persistent Threat detection

Computer Networks ◽

10.1016/j.comnet.2016.05.018 ◽

2016 ◽

Vol 109 ◽

pp. 127-141 ◽

Cited By ~ 58

Author(s):

Mirco Marchetti ◽

Fabio Pierazzi ◽

Michele Colajanni ◽

Alessandro Guido

Keyword(s):

Network Traffic ◽

Threat Detection ◽

Advances in Intelligent Systems and Computing - Distributed Computing and Artificial Intelligence, 16th International Conference, Special Sessions ◽

Proposed Models for Advanced Persistent Threat Detection: A Review

10.1007/978-3-030-23946-6_16 ◽

2019 ◽

pp. 141-148

Author(s):

Santiago Quintero-Bonilla ◽

Angel Martín del Rey

Keyword(s):

Threat Detection ◽

Trustworthy Computing and Services - Communications in Computer and Information Science ◽

Advanced Persistent Threat Detection Method Research Based on Relevant Algorithms to Artificial Immune System

10.1007/978-3-662-47401-3_29 ◽

2015 ◽

pp. 221-228

Author(s):

Bin Jia ◽

Zhaowen Lin ◽

Yan Ma

Keyword(s):

Immune System ◽

Artificial Immune System ◽

Detection Method ◽

Threat Detection ◽

Artificial Immune ◽

Defending against the advanced persistent threat: Detection of disguised executable files

10.7287/peerj.preprints.2998 ◽

2018 ◽

Author(s):

Ibrahim Ghafir ◽

Mohammad Hammoudeh ◽

Vaclav Prenosil

Keyword(s):

Life Cycle ◽

Cyber Attacks ◽

Threat Detection ◽

Point Of Entry ◽

Executable File ◽

Common Technique ◽

Mime Type

Advanced Persistent Threat (APT) is one of the most serious types of cyber attacks, which is a new and more complex version of multi-step attack. Within the APT life cycle, the most common technique used to get the point of entry is spear-phishing emails which may contain disguised executable files. This paper presents the disguised executable file detection (DeFD) module, which aims at detecting disguised exe files transferred over the connections. The detection is based on a comparison between the MIME type of the transferred file and the file name extension. This module was experimentally evaluated and the results show successful detection of disguised executable files.

APT-Dt-KC: advanced persistent threat detection based on kill-chain model

The Journal of Supercomputing ◽

10.1007/s11227-021-04201-9 ◽

2022 ◽

Author(s):

Maryam Panahnejad ◽

Meghdad Mirabi

Keyword(s):

Chain Model ◽

Threat Detection ◽