Proposed Models for Advanced Persistent Threat Detection: A Review

An Advanced Persistent Threat (APT) is a sophisticated, targeted attack. It poses a risk to all organisations, especially those that manage sensitive data or critical infrastructure. Recently, the analysis of these threats has caught the attention of the scientific community: researchers have studied the behaviour of APTs in order to create models and tools that allow early detection of these attacks. The use of Artificial Intelligence can help to detect, alert on and automatically predict these types of threats, reducing the time an attacker can remain inside an organisation's network. The objective of this work is to review the proposed models and identify the tools and methods they have used.