POSTER: Network Based Advanced Persistent Threat AttackDetection

For years businesses have striven to keep malware, spam and unwanted intruders at bay with varying degrees of success. Cyber criminals and spies in turn created more advanced means to breach the security measures. An APT is a form of multistep attack that is executed with more stealth and is targeted specifically to achieve a specific goal, most often espionage. This poster states research questions and propose a novel approach to intrusion detection system processes network traffic and able to detect potential APT attack. This detection of APT attack is based on the correlation between the events which we get them as outputs of our detection methods.