Visible to the public Biblio

Filters: Keyword is persistent threat pattern discovery  [Clear All Filters]
2017-02-14
F. Quader, V. Janeja, J. Stauffer.  2015.  "Persistent threat pattern discovery". 2015 IEEE International Conference on Intelligence and Security Informatics (ISI). :179-181.

Advanced Persistent Threat (APT) is a complex (Advanced) cyber-attack (Threat) against specific targets over long periods of time (Persistent) carried out by nation states or terrorist groups with highly sophisticated levels of expertise to establish entries into organizations, which are critical to a country's socio-economic status. The key identifier in such persistent threats is that patterns are long term, could be high priority, and occur consistently over a period of time. This paper focuses on identifying persistent threat patterns in network data, particularly data collected from Intrusion Detection Systems. We utilize Association Rule Mining (ARM) to detect persistent threat patterns on network data. We identify potential persistent threat patterns, which are frequent but at the same time unusual as compared with the other frequent patterns.