A New Realistic Benchmark for Advanced Persistent Threats in Network Traffic

Cited by: 5

Authors
Liu, Jinxin [1 ]
Shen, Yu [1 ]
Simsek, Murat [1 ]
Kantarci, Burak [1 ]
Mouftah, Hussein T. [1 ]
Bagheri, Mehran [2 ]
Djukic, Petar [2 ]
Affiliations
[1] University of Ottawa, School of Electrical Engineering and Computer Science, Ottawa, ON K1N 6N5, Canada
[2] Ciena Corporation, AI and Analytics Department, Ottawa, ON K2K 3K1, Canada
Source
IEEE Networking Letters | 2022 / Volume 4 / Issue 03
Keywords
Advanced persistent threat; Attack centric method; Classification-tree analysis; Feature extraction; Intrusion detection systems; Machine learning; Network security; Predictive models; Random forests; Reconnaissance
DOI
10.1109/LNET.2022.3185553
Abstract
In order to define a benchmark for Machine Learning (ML)-based Advanced Persistent Threat (APT) detection in network traffic, this letter presents SCVIC-APT-2021, a new dataset that realistically represents contemporary network architecture and APT characteristics. Following upon this, an ML-based Attack Centric Method (ACM) is introduced to evaluate APT detection performance on the generated dataset. Furthermore, ACM has been shown to outperform the baseline approaches with a maximum macro average F1 score of 82.27%, corresponding to a 9.4% improvement with respect to the baseline performance. © 2019 IEEE.
Pages: 162-166
Related papers
50 items in total
  • [31] Preventing Advanced Persistent Threats in Complex Control Networks
    Rubio, Juan E.
    Alcaraz, Cristina
    Lopez, Javier
    COMPUTER SECURITY - ESORICS 2017, PT II, 2017, 10493 : 402 - 418
  • [32] Concept and difficulties of advanced persistent threats (APT): Survey
    Khaleefa, Eman J.
    Abdulah, Dhahair A.
    INTERNATIONAL JOURNAL OF NONLINEAR ANALYSIS AND APPLICATIONS, 2022, 13 (01): : 4037 - 4052
  • [33] Advanced Persistent threats and how to monitor and deter them
    Tankard C.
    Network Security, 2011, 2011 (08) : 16 - 19
  • [34] Developing Secure Products in the Age of Advanced Persistent Threats
    Baize, Eric
    IEEE SECURITY & PRIVACY, 2012, 10 (03) : 88 - 92
  • [35] Hybrid Analysis Technique to detect Advanced Persistent Threats
    Chakkaravarthy, S. Sibi
    Vaidehi, V.
    Rajesh, P.
    INTERNATIONAL JOURNAL OF INTELLIGENT INFORMATION TECHNOLOGIES, 2018, 14 (02) : 59 - 76
  • [36] Identifying Vulnerabilities of Advanced Persistent Threats: An Organizational Perspective
    Nicho, Mathew
    Khan, Shafaq
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY AND PRIVACY, 2014, 8 (01) : 1 - 18
  • [37] An adaptive defense mechanism to prevent advanced persistent threats
    Xie, Yi-xi
    Ji, Li-xin
    Li, Ling-shu
    Guo, Zehua
    Baker, Thar
    CONNECTION SCIENCE, 2021, 33 (02) : 359 - 379
  • [38] Beyond Blacklisting: Cyberdefense in the Era of Advanced Persistent Threats
    Beuhring, Aaron
    Salous, Kyle
    IEEE SECURITY & PRIVACY, 2014, 12 (05) : 90 - 93
  • [39] APTHunter: Detecting Advanced Persistent Threats in Early Stages
    Mahmoud, Moustafa
    Mannan, Mohammad
    Youssef, Amr
    DIGITAL THREATS: RESEARCH AND PRACTICE, 2023, 4 (01):
  • [40] The Influences of Feature Sets on the Detection of Advanced Persistent Threats
    Hofer-Schmitz, Katharina
    Kleb, Ulrike
    Stojanovic, Branka
    ELECTRONICS, 2021, 10 (06) : 1 - 22