Detecting and Predicting APT Based on the Study of Cyber Kill Chain with Hierarchical Knowledge Reasoning

Title: Detecting and Predicting APT Based on the Study of Cyber Kill Chain with Hierarchical Knowledge Reasoning
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Wen, Senhao, He, Nengqiang, Yan, Hanbing
Conference Name: Proceedings of the 2017 VI International Conference on Network, Communication and Computing
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-5366-3
Keywords: APT, Cyber Kill Chain, Human Behavior, knowledge-based, pubcrawl, resilience, Resiliency, Scalability, supply chain security
Abstract: It has been discovered that quite a few organizations have become the victims of APT, which is a deliberate and malicious espionage threat to military, political, and infrastructure targets for the purpose of stealing the core data or thwarting the normal operation of the organizations. Thus, working out a solution for detecting and predicting APT is a major goal for scientific research. But APT has a characteristic feature of good concealment, which prevents us from capturing it just in time with existing solutions. In this paper, through a deep study of Cyber Kill Chain, we proposed a solution to detect and predict APTs with hierarchical Knowledge reasoning on the basis of cyber-security-monitoring, intelligence-gathering, etc. The solution seeks connections between real-time alarms and the intelligence from Hacker Profile, Cyber Resources Profile, Social Engineering Database, Cyber Attack Tool Fingerprint Database, Vulnerability Database, Malicious Code Genome Map, etc. According to our experiments, it is effective and has high accuracy.
DOI: 10.1145/3171592.3171641
Citation Key: wen_detecting_2017