Log-centric analytics for advanced persistent threat detection

Detected Malware Overview

• With LogIC, we can identify the exact source and behaviours of detected malware. This yields an attack sample that can be used to detect similar attacks on other machines.
• With attack samples and the logs generated by different hosts, LogAn can detect the same attack or similar attacks while ignoring host-specific details such as IP addresses.
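As an added illustration (not code from LogIC, LogAn or the original page), the following Python sketch shows the matching step just described: an attack sample taken from an infected host is normalised by replacing IP addresses and ports with a placeholder, then compared against other hosts' logs as an ordered subsequence, so the same attack with a different remote address, or a partial variant, is still flagged. The event format, field names, sample logs and the 0.75 threshold are all assumptions constructed for this example.

```python
import re

# Host-specific fields to ignore when comparing behaviour across hosts (assumed: IPv4 address with optional port).
IP_PORT_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}(?::\d{1,5})?\b")

def normalize(event: str) -> str:
    """Replace IP:port values with a placeholder so the same behaviour compares equal on any host."""
    return IP_PORT_RE.sub("<IP>", event)

def similarity(log: list[str], sample: list[str]) -> float:
    """Fraction of the attack sample's events found, in order, in a host log (greedy subsequence match)."""
    pattern = [normalize(e) for e in sample]
    matched = 0
    for event in log:
        if matched < len(pattern) and normalize(event) == pattern[matched]:
            matched += 1
    return matched / len(pattern)

def detect(host_logs: dict[str, list[str]], sample: list[str], threshold: float = 0.75) -> dict[str, float]:
    """Return the hosts whose logs reproduce at least `threshold` of the attack sample, with their scores."""
    scores = {host: similarity(log, sample) for host, log in host_logs.items()}
    return {host: score for host, score in scores.items() if score >= threshold}

# Constructed attack sample: the behaviour chain extracted from the infected host (the LogIC step).
ATTACK_SAMPLE = [
    "proc_start name=winword.exe",
    "net_connect src=10.0.0.7:51234 dst=203.0.113.5:443 proc=winword.exe",
    "file_write path=C:\\Windows\\Temp\\update.exe proc=winword.exe",
    "proc_start name=update.exe parent=winword.exe",
]

# Constructed logs from other hosts: same attack with other addresses and a benign event in between (A), a partial variant (B), a benign host (C).
HOST_LOGS = {
    "host-A": [
        "proc_start name=winword.exe",
        "net_connect src=10.0.0.9:49152 dst=198.51.100.23:443 proc=winword.exe",
        "file_read path=C:\\Users\\alice\\q3.docx proc=winword.exe",
        "file_write path=C:\\Windows\\Temp\\update.exe proc=winword.exe",
        "proc_start name=update.exe parent=winword.exe",
    ],
    "host-B": [
        "proc_start name=winword.exe",
        "net_connect src=10.0.0.12:49200 dst=192.0.2.77:8443 proc=winword.exe",
        "file_write path=C:\\Windows\\Temp\\update.exe proc=winword.exe",
    ],
    "host-C": [
        "proc_start name=winword.exe",
    ],
}
```

Calling `detect(HOST_LOGS, ATTACK_SAMPLE)` flags host-A (full match despite different addresses) and host-B (three of four events), but not host-C.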