A New Realistic Benchmark for Advanced Persistent Threats in Network Traffic

Cited by: 5
Authors
Liu, Jinxin [1 ]
Shen, Yu [1 ]
Simsek, Murat [1 ]
Kantarci, Burak [1 ]
Mouftah, Hussein T. [1 ]
Bagheri, Mehran [2 ]
Djukic, Petar [2 ]
Affiliations
[1] University of Ottawa, School of Electrical Engineering and Computer Science, Ottawa, ON, K1N 6N5, Canada
[2] Ciena Corporation, AI and Analytics Department, Ottawa, ON, K2K 3K1, Canada
Source
IEEE Networking Letters | 2022 / Vol. 4 / No. 03
Keywords
Advanced persistent threat - Attack centric method - Classification-tree analysis - Features extraction - Intrusion Detection Systems - Machine-learning - Networks security - Predictive models - Random forests - Reconnaissance
DOI
10.1109/LNET.2022.3185553
Abstract
In order to define a benchmark for Machine Learning (ML)-based Advanced Persistent Threat (APT) detection in network traffic, this letter presents SCVIC-APT-2021, a new dataset that realistically represents contemporary network architectures and APT characteristics. Building on this dataset, an ML-based Attack Centric Method (ACM) is introduced to evaluate APT detection performance on the generated data. ACM is shown to outperform the baseline approaches with a maximum macro average F1 score of 82.27%, corresponding to a 9.4% improvement over the baseline performance. © 2019 IEEE.
Pages: 162 / 166