APT Attack Behavior Pattern Mining Using the FP-Growth Algorithm
Title | APT Attack Behavior Pattern Mining Using the FP-Growth Algorithm |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Lee, M., Choi, J., Choi, C., Kim, P. |
Conference Name | 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC) |
Keywords | advanced persistent threat attacks, advanced persistent threats, API files, application program interfaces, APT attack, APT attack behavior pattern mining, Cancer, Conferences, data mining, digital signatures, firewalls, FP-growth algorithm, host PC security technologies, Human Behavior, Intrusion detection, Malware, Metrics, Pattern matching, Pattern Mining, PE files, pubcrawl, resilience, Resiliency, Scalability, signature-based intrusion detection systems |
Abstract | There are continuous hacking and social issues regarding APT (Advanced Persistent Threat) attacks, and a number of antivirus businesses and researchers are making efforts to analyze such APT attacks. In order to prevent or cope with APT attacks, some host PC security technologies such as firewalls and intrusion detection systems are used. Therefore, in this study, malignant behavior patterns were extracted by using an API of PE files. Moreover, the FP-Growth Algorithm was used to extract behavior information generated in the host PC in order to overcome the limitation of the previous signature-based intrusion detection systems. We will utilize this study as fundamental research about a system that extracts malignant behavior patterns within networks and APIs in the future. |
URL | http://ieeexplore.ieee.org/document/8013435/ |
DOI | 10.1109/CCNC.2017.8013435 |
Citation Key | lee_apt_2017 |