A Host-Based Detection Method of Remote Access Trojan in the Early Stage

Authors: Daichi Adachi, Kazumasa Omote

DOI: 10.1007/978-3-319-49151-6_8

Abstract: Attacks called Advanced Persistent Threat (APT) attacks, which target a specific organization, are increasing. An APT usually uses malware called a Remote Access Trojan (RAT), which can steal confidential information from the target organization. Although there are many existing approaches to RAT detection, two challenges still remain: to detect RATs as early as possible, and to distinguish them from normal applications with high accuracy and low FNR.
