Asset Details
Do you wish to reserve the book?
A novel approach for APT attack detection based on combined deep learning model
Hey, we have placed the reservation for you!
By the way, why not check out events that you can attend while you pick your title.
Oops! Something went wrong.
Looks like we were not able to place the reservation. Kindly try again later.
Are you sure you want to remove the book from the shelf?
A novel approach for APT attack detection based on combined deep learning model
Do you wish to request the book?
A novel approach for APT attack detection based on combined deep learning model
Please be aware that the book you have requested cannot be checked out. If you would like to checkout this book, you can reserve another copy
We have requested the book for you!
Your request is successful and it will be processed during the Library working hours. Please check the status of your request in My Requests.
Oops! Something went wrong.
Looks like we were not able to place your request. Kindly try again later.
Journal Article
A novel approach for APT attack detection based on combined deep learning model
2021
Overview
Advanced persistent threat (APT) attack is a malicious attack type which has intentional and clear targets. This attack technique has become a challenge for information security systems of organizations, governments, and businesses. The approaches of using machine learning or deep learning algorithms to analyze signs and abnormal behaviors of network traffic for detecting and preventing APT attacks have become popular in recent years. However, the APT attack detection approach that uses behavior analysis and evaluation techniques is facing many difficulties due to the lack of typical data of attack campaigns. To handle this situation, recent studies have selected and extracted the APT attack behaviors which based on datasets are built from experimental tools. Consequently, these properties are few and difficult to obtain in practical monitoring systems. Therefore, although the experimental results show good detection, it does not bring high efficiency in practice. For above reasons, in this paper, a new method based on network traffic analysis using a combined deep learning model to detect APT attacks will be proposed. Specifically, individual deep learning networks such as multilayer perceptron (MLP), convolutional neural network (CNN), and long short-term memory (LSTM) will also be sought, built and linked into combined deep learning networks to analyze and detect signs of APT attacks in network traffic. To detect APT attack signals, the combined deep learning models are performed in two main stages including (i) extracting IP features based on flow: In this phase, we will analyze network traffic into networking flows by IP address and then use the combined deep learning models to extract IP features by network flow; (ii) classifying APT attack IPs: Based on IP features extracted in a task (i), the APT attack IPs and normal IPs will be identified and classified. The proposal of a combined deep learning model to detect APT attacks based on network traffic is a new approach, and there is no research proposed and applied yet. In the experimental section, combined deep learning models proved their superior abilities to ensure accuracy on all measurements from 93 to 98%. This is a very good result for APT attack detection based on network traffic.
Publisher
Springer London,Springer Nature B.V
