Title: "Persistent threat pattern discovery"
Publication Type: Conference Paper
Year of Publication: 2015
Authors: F. Quader, V. Janeja, J. Stauffer
Conference Name: 2015 IEEE International Conference on Intelligence and Security Informatics (ISI)
Date Published: May
Publisher: IEEE
ISBN Number: 978-1-4799-9889-0
Accession Number: 15311612
Keywords: advanced persistent threat, Advanced Persistent Threat (APT), APT, ARM, association rule mining, Association Rule Mining (ARM), association rules, cyber-attack, data mining, frequent pattern discovery, Government, Intrusion detection, Intrusion Detection Systems, IP networks, network data, Persistent Threat (PT), persistent threat identification, persistent threat pattern discovery, pubcrawl170101, security of data
Abstract:

Advanced Persistent Threat (APT) is a complex (Advanced) cyber-attack (Threat) against specific targets over long periods of time (Persistent) carried out by nation states or terrorist groups with highly sophisticated levels of expertise to establish entries into organizations, which are critical to a country's socio-economic status. The key identifier in such persistent threats is that patterns are long term, could be high priority, and occur consistently over a period of time. This paper focuses on identifying persistent threat patterns in network data, particularly data collected from Intrusion Detection Systems. We utilize Association Rule Mining (ARM) to detect persistent threat patterns on network data. We identify potential persistent threat patterns, which are frequent but at the same time unusual as compared with the other frequent patterns.

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7165967&isnumber=7165923
DOI: 10.1109/ISI.2015.7165967
Citation Key: 7165967