Title :
A Network Gene-Based Framework for Detecting Advanced Persistent Threats
Author :
Yuan Wang ; Yongjun Wang ; Jing Liu ; Zhijian Huang
Author_Institution :
Coll. of Comput. Sci., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Advanced Persistent Threats (APTs) pose a serious threat to cyber security, and their unique high unpredictability, deep concealment and grave harmfulness confront traditional network monitoring technology with unprecedented challenges against a background of massive and complicated network traffic. This paper addresses the urgent demand for APT network monitoring. Relying on the rapid development of big data analysis and cloud computing technology, and drawing on the gene concept from biology, we put forward a new notion of the network gene to depict the semantic-rich behavior characteristic patterns of network applications. By combining network protocol reverse analysis with network data stream processing technology, we established a set of basic theories and a technical architecture for network gene construction and calculation, forming a new detection framework for APTs that supports the construction of an intrusion-tolerant network ecological environment.
Keywords :
Big Data; biocomputing; cloud computing; computer network security; data analysis; protocols; APT detection; APT network monitoring; advanced persistent threat detection; big data analysis; biology gene concept; cloud computing technology; cyber security; intrusion-tolerant network ecological environment; network data stream processing technology; network gene-based framework; network protocol reverse analysis; Bioinformatics; Correlation; Databases; Genomics; Monitoring; Protocols; Security; advanced persistent threats; cyber security; data stream computing; intrusion detection; network gene;
Conference_Title :
P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on
Conference_Location :
Guangdong
DOI :
10.1109/3PGCIC.2014.41