持久性威胁模式发现

2015 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date : 2015-05-27 DOI:10.1109/ISI.2015.7165967

Faisal Quader, V. Janeja, Justin Stauffer

{"title":"持久性威胁模式发现","authors":"Faisal Quader, V. Janeja, Justin Stauffer","doi":"10.1109/ISI.2015.7165967","DOIUrl":null,"url":null,"abstract":"Advanced Persistent Threat (APT) is a complex (Advanced) cyber-attack (Threat) against specific targets over long periods of time (Persistent) carried out by nation states or terrorist groups with highly sophisticated levels of expertise to establish entries into organizations, which are critical to a country's socio-economic status. The key identifier in such persistent threats is that patterns are long term, could be high priority, and occur consistently over a period of time. This paper focuses on identifying persistent threat patterns in network data, particularly data collected from Intrusion Detection Systems. We utilize Association Rule Mining (ARM) to detect persistent threat patterns on network data. We identify potential persistent threat patterns, which are frequent but at the same time unusual as compared with the other frequent patterns.","PeriodicalId":292352,"journal":{"name":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Persistent threat pattern discovery\",\"authors\":\"Faisal Quader, V. Janeja, Justin Stauffer\",\"doi\":\"10.1109/ISI.2015.7165967\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Advanced Persistent Threat (APT) is a complex (Advanced) cyber-attack (Threat) against specific targets over long periods of time (Persistent) carried out by nation states or terrorist groups with highly sophisticated levels of expertise to establish entries into organizations, which are critical to a country's socio-economic status. The key identifier in such persistent threats is that patterns are long term, could be high priority, and occur consistently over a period of time. This paper focuses on identifying persistent threat patterns in network data, particularly data collected from Intrusion Detection Systems. We utilize Association Rule Mining (ARM) to detect persistent threat patterns on network data. We identify potential persistent threat patterns, which are frequent but at the same time unusual as compared with the other frequent patterns.\",\"PeriodicalId\":292352,\"journal\":{\"name\":\"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-05-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISI.2015.7165967\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Conference on Intelligence and Security Informatics (ISI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISI.2015.7165967","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

高级持续性威胁(APT)是一种针对特定目标的复杂(高级)网络攻击(威胁)，这种攻击(威胁)是由民族国家或恐怖组织实施的，具有高度复杂的专业知识水平，可以进入组织，这对一个国家的社会经济地位至关重要。这种持续性威胁的关键标识符是模式是长期的，可以是高优先级的，并且在一段时间内一致地发生。本文的重点是识别网络数据中的持续威胁模式，特别是从入侵检测系统收集的数据。我们利用关联规则挖掘(ARM)来检测网络数据上的持续威胁模式。我们识别潜在的持续威胁模式，与其他频繁的模式相比，这些模式是频繁的，但同时也是不寻常的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Persistent threat pattern discovery

Advanced Persistent Threat (APT) is a complex (Advanced) cyber-attack (Threat) against specific targets over long periods of time (Persistent) carried out by nation states or terrorist groups with highly sophisticated levels of expertise to establish entries into organizations, which are critical to a country's socio-economic status. The key identifier in such persistent threats is that patterns are long term, could be high priority, and occur consistently over a period of time. This paper focuses on identifying persistent threat patterns in network data, particularly data collected from Intrusion Detection Systems. We utilize Association Rule Mining (ARM) to detect persistent threat patterns on network data. We identify potential persistent threat patterns, which are frequent but at the same time unusual as compared with the other frequent patterns.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 IEEE International Conference on Intelligence and Security Informatics (ISI)

自引率

0.00%

发文量