• DocumentCode
    228866
  • Title
    Anticipating Advanced Persistent Threat (APT) countermeasures using collaborative security mechanisms
  • Author
    Mirza, Natasha Arjumand Shoaib ; Abbas, Haider ; Khan, Faheem ; Al Muhtadi, Jalal
  • Author_Institution
    Nat. Univ. of Sci. & Technol., Islamabad, Pakistan
  • fYear
    2014
  • fDate
    26-27 Aug. 2014
  • Firstpage
    129
  • Lastpage
    132
  • Abstract
    Information and communication security has gained significant importance due to its widespread use and the increased sophistication and complexity of its deployment. On the other hand, more sophisticated and stealthy techniques are being practiced by intruder groups to penetrate and exploit the technology and attack detection. One such treacherous threat to all critical assets of an organization is the Advanced Persistent Threat (APT). Since the APT attack vector is not previously known, it can harm the organization's assets before the patch for the security flaw is released/available. This paper presents a preliminary research effort to counter APT or zero-day attacks at an early stage by detecting malware. An open-source version of Security Information and Event Management (SIEM) is used to detect a denial-of-service attack launched through the remote desktop service. The framework presented in this paper also shows the efficiency of the technique, and it can be enhanced with more sophisticated mechanisms for APT attack detection.
  • Keywords
    computational complexity; invasive software; public domain software; APT attack detection; APT attack vector; SIEM; advanced persistent threat countermeasures; collaborative security mechanisms; deployment complexity; information and communication security; malwares; open source version; organization assets; remote desktop service; security information and event management; stealthy techniques; zero day attacks; Intrusion detection; Kernel; Malware; Monitoring; Neural networks; Organizations; Advanced Persistent Threat; Security Information and Event Management; Zero Day Exploits;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Biometrics and Security Technologies (ISBAST), 2014 International Symposium on
  • Conference_Location
    Kuala Lumpur
  • Print_ISBN
    978-1-4799-6443-7
  • Type
    conf
  • DOI
    10.1109/ISBAST.2014.7013108
  • Filename
    7013108