On-line Shared Platform Evaluation Framework for Advanced Persistent Threats

Cited by: 0
Authors
Sohn, Dongsik [1]
Lee, Taejin [2]
Kwak, Jin [3]
Affiliations
[1] Ajou Univ, Dept Comp Engn, ISAA Lab, Suwon, South Korea
[2] Hoseo Univ, Dept Comp Engn, Cheonan, South Korea
[3] Ajou Univ, Dept Cyber Secur, Suwon, South Korea
Funding
National Research Foundation of Singapore;
Keywords
APT Evaluation; APT detection; Intrusion detection; APT evaluation framework; Detection Performance; BOTNET; FLOW;
DOI
10.3837/tiis.2019.05.021
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Advanced persistent threats (APTs) are constant attacks of specific targets by hackers using intelligent methods. All current internal infrastructures are constantly subject to APT attacks created by external and unknown malware. Therefore, information security officers require a framework that can assess whether information security systems are capable of detecting and blocking APT attacks. Furthermore, an on-line evaluation of information security systems is required to cope with various malicious code attacks. A regular evaluation of the information security system is thus essential. In this paper, we propose a dynamic updated evaluation framework to improve the detection rate of internal information systems for malware that is unknown to most (over 60 %) existing static information security system evaluation methodologies using non-updated unknown malware.
Pages: 2610-2628
Page count: 19
Related papers
50 in total
  • [1] Surviving Advanced Persistent Threats - a Framework and Analysis
    Mehresh, Ruchika
    Upadhyaya, Shambhu
    PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON CYBER WARFARE AND SECURITY (ICCWS-2015), 2015, : 445 - 454
  • [2] Decepticon: a Theoretical Framework to Counter Advanced Persistent Threats
    Baksi, Rudra P.
    Upadhyaya, Shambhu J.
    INFORMATION SYSTEMS FRONTIERS, 2021, 23 (04) : 897 - 913
  • [3] Decepticon: a Theoretical Framework to Counter Advanced Persistent Threats
    Rudra P. Baksi
    Shambhu J. Upadhyaya
    Information Systems Frontiers, 2021, 23 : 897 - 913
  • [4] A Context-Based Detection Framework for Advanced Persistent Threats
    Giura, Paul
    Wang, Wei
    2012 ASE INTERNATIONAL CONFERENCE ON CYBER SECURITY (CYBERSECURITY), 2012, : 69 - 74
  • [5] An Analytical Framework to Address the Data Exfiltration of Advanced Persistent Threats
    Nar, Kamil
    Sastry, S. Shankar
    2018 IEEE CONFERENCE ON DECISION AND CONTROL (CDC), 2018, : 867 - 873
  • [6] Advanced Persistent Threats
    Ozzengin, Yavuz Selim
    Sakiz, Fatih
    Benzer, Recep
    2016 24TH SIGNAL PROCESSING AND COMMUNICATION APPLICATION CONFERENCE (SIU), 2016, : 1845 - 1848
  • [7] A Network Gene-Based Framework for Detecting Advanced Persistent Threats
    Wang, Yuan
    Wang, Yongjun
    Liu, Jing
    Huang, Zhijian
    2014 NINTH INTERNATIONAL CONFERENCE ON P2P, PARALLEL, GRID, CLOUD AND INTERNET COMPUTING (3PGCIC), 2014, : 97 - 102
  • [8] Security Evaluation of the Cyber Networks Under Advanced Persistent Threats
    Yang, Lu-Xing
    Li, Pengdeng
    Yang, Xiaofan
    Tang, Yuan Yan
    IEEE ACCESS, 2017, 5 : 20111 - 20123
  • [9] A Study on Advanced Persistent Threats
    Chen, Ping
    Desmet, Lieven
    Huygens, Christophe
    COMMUNICATIONS AND MULTIMEDIA SECURITY, CMS 2014, 2014, 8735 : 63 - 72
  • [10] DFA-AD: a distributed framework architecture for the detection of advanced persistent threats
    Sharma, Pradip Kumar
    Moon, Seo Yeon
    Moon, Daesung
    Park, Jong Hyuk
    CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2017, 20 (01): : 597 - 609