J. D. Vries, H. Hoogstraaten, J. Berg, S. Daskapan
Title: Systems for Detecting Advanced Persistent Threats: A Development Roadmap Using Intelligent Data Analysis
DOI: 10.1109/CyberSecurity.2012.14 (https://doi.org/10.1109/CyberSecurity.2012.14)
Venue: 2012 International Conference on Cyber Security
Publication date: 2012-12-14
Citation count: 46 (Semantic Scholar)
Systems for Detecting Advanced Persistent Threats: A Development Roadmap Using Intelligent Data Analysis
Cyber-attacks against companies and governments are increasing in complexity, persistence and number. Common intrusion detection methods lack the ability to detect such attacks, commonly termed advanced persistent threats. A new approach is needed that takes the stepwise characteristics of this type of threat into account and links analysis methods to attack features. This paper takes up this challenge. First, an analysis framework is proposed to relate complex attack attributes to detection and business aspects. Second, the framework is used to define a development roadmap for designing advanced intrusion detection systems; such systems can analyze network traffic and client data at multiple network locations using both signature and anomaly detection methods derived from the intelligent data analysis field. Third, a test case is provided showing the potential power of the proposed development roadmap.