Real-Time APT Detection Technologies: A Literature Review

Abstract

Recently, the usage of advanced persistent threats (APT) increased rapidly in the context of cyberwar. To perform countermeasures against such attacks, an efficient APT detection is necessary. Detecting these attacks in real-time reduces the resulting damage since countermeasures can be applied more quickly. However, not every detection method is applicable in real-time. This paper presents a literature review of technologies used for real-time APT detection based on 26 research articles. The identified technologies are machine learning algorithms, graph inferences, statistical metrics, and rule-based systems.