DocumentCode :
2440897
Title :
A Context-Based Detection Framework for Advanced Persistent Threats
Author :
Giura, P. ; Wei Wang
Author_Institution :
AT&T Security Res. Center, New York, NY, USA
fYear :
2012
fDate :
14-16 Dec. 2012
Firstpage :
69
Lastpage :
74
Abstract :
Besides a large set of malware categories such as worms and Trojan horses, the Advanced Persistent Threat (APT) is another, more sophisticated attack entity emerging in the cyber threat environment. In this paper we propose a model of the APT detection problem as well as a methodology to implement it on a generic organization network. To our knowledge, the proposed method is the first to address the problem of modeling an APT and to provide a possible detection framework.
Keywords :
invasive software; organisational aspects; APT detection problem; Trojan horses; advanced persistent threats; context-based detection framework; cyber threat environment; generic organization network; malware categories; worms; APT; Security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Cyber Security (CyberSecurity), 2012 International Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4799-0219-4
Type :
conf
DOI :
10.1109/CyberSecurity.2012.16
Filename :
6542528
Link To Document :