A Context-Based Detection Framework for Advanced Persistent Threats

Authors: Paul Giura, Wei Wang

DOI: 10.1109/CYBERSECURITY.2012.16

Keywords:

Abstract: Besides a large set of malware categories such as worms and Trojan horses, Advanced Persistent Threat (APT) is another more sophisticated attack entity emerging in the cyber threats environment. In this paper we propose a model of the APT detection problem as well as a methodology to implement it on a generic organization network. From our knowledge, the proposed method is the first to address modeling an APT and to provide a possible framework.

References (6)
YongChul Kwon, Magdalena Balazinska, Nathan Kuchta, Dennis Lee, Moirae: History-Enhanced Monitoring. Conference on Innovative Data Systems Research. pp. 375-386 (2007)
Lars Brenna, Alan Demers, Johannes Gehrke, Mingsheng Hong, Joel Ossher, Biswanath Panda, Mirek Riedewald, Mohit Thatte, Walker White, Cayuga. Proceedings of the 2007 ACM SIGMOD international conference on Management of data - SIGMOD '07. pp. 1100-1102 (2007). 10.1145/1247480.1247620
Seyit Ahmet Camtepe, Bulent Yener, Modeling and detection of complex attacks. International workshop on security. pp. 234-243 (2007). 10.1109/SECCOM.2007.4550338
B. Schneier, Attack trees: Modeling security threats. Dr. Dobb's Journal. vol. 24, pp. 21-29 (1999)