POSTER: Network Based Advanced Persistent Threat Attack Detection

Ghafir,  Ibrahim; Přenosil,  Václav

POSTER: Network Based Advanced Persistent Threat Attack Detection

Warning

This publication doesn't include Institute of Computer Science. It includes Faculty of Informatics. Official publication website can be found on muni.cz.

Authors	GHAFIR Ibrahim PŘENOSIL Václav
Year of publication	2014
Type	Conference abstract
MU Faculty or unit	Faculty of Informatics
Citation
Description	For years businesses have striven to keep malware, spam and unwanted intruders at bay with varying degrees of success. Cyber criminals and spies in turn created more advanced means to breach the security measures. An APT is a form of multistep attack that is executed with more stealth and is targeted specifically to achieve a specific goal, most often espionage. This poster states research questions and propose a novel approach to intrusion detection system processes network traffic and able to detect potential APT attack. This detection of APT attack is based on the correlation between the events which we get them as outputs of our detection methods.
Related projects:	Mobilní dedikované zařízení pro naplňování schopností reakce na počítačové incidenty (CIRC)