Proposed Approach for Targeted Attacks Detection

Warning

This publication doesn't include Institute of Computer Science. It includes Faculty of Informatics. Official publication website can be found on muni.cz.

Authors

GHAFIR Ibrahim PŘENOSIL Václav

Year of publication 2016
Type Article in Proceedings
Conference Advanced Computer and Communication Engineering Technology, Lecture Notes in Electrical Engineering
MU Faculty or unit

Faculty of Informatics

Citation
Web http://link.springer.com/chapter/10.1007%2F978-3-319-24584-3_7
Doi http://dx.doi.org/10.1007/978-3-319-24584-3_7
Field Informatics
Keywords Cyber attacks; targeted attacks; advanced persistent threat; malware; intrusion detection system.
Attached files
Description For years governments, organizations and companies have made great efforts to keep hackers, malware, cyber attacks at bay with different degrees of success. On the other hand, cyber criminals and miscreants produced more advanced techniques to compromise Internet infrastructure. Targeted attack or advanced persistent threat (APT) attack is a new challenge and aims to accomplish a specific goal, most often espionage. APTs are presently the biggest threat to governments and organizations. This paper states research questions and propose a novel approach to intrusion detection system processes network traffic and able to detect potential APT attack. This detection of APT attack is based on the correlation between the events which we get as outputs of our detection methods. Each detection method aims to detect one technique used in one of APT attack steps.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info