A New Realistic Benchmark for Advanced Persistent Threats in Network Traffic

Cited by: 5

Authors
Liu, Jinxin [1 ]
Shen, Yu [1 ]
Simsek, Murat [1 ]
Kantarci, Burak [1 ]
Mouftah, Hussein T. [1 ]
Bagheri, Mehran [2 ]
Djukic, Petar [2 ]
Affiliations
[1] University of Ottawa, School of Electrical Engineering and Computer Science, Ottawa, ON, K1N 6N5, Canada
[2] Ciena Corporation, AI and Analytics Department, Ottawa, ON, K2K 3K1, Canada
Source
IEEE Networking Letters | 2022 / Volume 4 / Issue 3
Keywords
Advanced persistent threat - Attack-centric method - Classification-tree analysis - Feature extraction - Intrusion detection systems - Machine learning - Network security - Predictive models - Random forests - Reconnaissance
DOI
10.1109/LNET.2022.3185553
Abstract
In order to define a benchmark for Machine Learning (ML)-based Advanced Persistent Threat (APT) detection in network traffic, this letter presents SCVIC-APT-2021, a new dataset that realistically represents contemporary network architecture and APT characteristics. Building on this dataset, an ML-based Attack Centric Method (ACM) is introduced to evaluate APT detection performance on the generated data. ACM is shown to outperform the baseline approaches, reaching a maximum macro-average F1 score of 82.27%, a 9.4% improvement over the baseline performance. © 2019 IEEE.
Pages: 162 / 166
Related papers
50 in total
  • [41] A Survey of Network Traffic Visualization in Detecting Network Security Threats
    Liu, Xiaomei
    Sun, Yong
    Fang, Liang
    Liu, Junpeng
    Yu, Lingjing
    TRUSTWORTHY COMPUTING AND SERVICES (ISCTCS 2014), 2015, 520 : 91 - 98
  • [42] Multiobjective Network Design for Realistic Traffic Models
    Banerjee, Nilanjan
    Kumar, Rajeev
    GECCO 2007: GENETIC AND EVOLUTIONARY COMPUTATION CONFERENCE, VOL 1 AND 2, 2007, : 1904 - +
  • [43] Generating realistic network traffic for security experiments
    Luo, S
    Marin, GA
    PROCEEDINGS OF THE IEEE SOUTHEASTCON 2004: ENGINEERING CONNECTS, 2004, : 200 - 207
  • [44] Swing: Realistic and Responsive Network Traffic Generation
    Vishwanath, Kashi Venkatesh
    Vahdat, Amin
    IEEE-ACM TRANSACTIONS ON NETWORKING, 2009, 17 (03) : 712 - 725
  • [45] Defense Against Advanced Persistent Threats: Optimal Network Security Hardening Using Multi-stage Maze Network Game
    Zhang, Hangsheng
    Liu, Haitao
    Liang, Jie
    Li, Ting
    Geng, Liru
    Liu, Yinlong
    Chen, Shujuan
    2020 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), 2020, : 724 - 729
  • [46] Surviving advanced persistent threats in a distributed environment - Architecture and analysis
    Mehresh, Ruchika
    Upadhyaya, Shambhu
    INFORMATION SYSTEMS FRONTIERS, 2015, 17 (05) : 987 - 995
  • [47] Learning Games for Defending Advanced Persistent Threats in Cyber Systems
    Zhu, Tianqing
    Ye, Dayong
    Cheng, Zishuo
    Zhou, Wanlei
    Yu, Philip S.
    IEEE TRANSACTIONS ON SYSTEMS MAN CYBERNETICS-SYSTEMS, 2023, 53 (04): : 2410 - 2422
  • [48] A Context-Based Detection Framework for Advanced Persistent Threats
    Giura, Paul
    Wang, Wei
    2012 ASE INTERNATIONAL CONFERENCE ON CYBER SECURITY (CYBERSECURITY), 2012, : 69 - 74
  • [49] Dealing with Advanced Persistent Threats in Smart Grid ICT Networks
    Skopik, Florian
    Friedberg, Ivo
    Fiedler, Roman
    2014 IEEE PES INNOVATIVE SMART GRID TECHNOLOGIES CONFERENCE (ISGT), 2014,
  • [50] An Advanced Persistent Threats Awareness Technology Based on "Condensed matter"
    Wang, Yutong
    Chang, Chaowen
    Ma, Zengbang
    PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING 2015 (ICMMCCE 2015), 2015, 39 : 1614 - 1619