Advance Persistent Threat

Thakar, Bhavik; Parekh, Chandresh

doi:10.1145/2905055.2905360

Cited by 7 publications

(5 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2) We also assumed that the number of Bots that can simultaneously launch attacks is limited, so for a Flooding attack, Bots have to send as many packets as possible [33], [8]]. Today, many other types of DDoS attacks occur.…”

Section: Issues and Limitationsmentioning

confidence: 99%

“…FCs cause a large amount of traffic to surge simultaneously, causing dramatic stress on the server's network links and resulting in considerable loss of packets and network congestion at last. Although Flooding DDoS attacks are often launched by Botnets [33], [15], the master (attacker) in a Botnet orders compromised hosts (Bots) to simultaneously send packets to deplete the victims resources (e.g., memory, network bandwidth), eventually leaving the victim's system paralyzed [29]. Not only wired networks but also wireless networks [12] face resource constraints, such as limited bandwidth and less memory.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Distinguishing flooding distributed denial of service from flash crowds using four data mining approaches

et al. 2017

View full text Add to dashboard Cite

Flooding Distributed Denial of Service (DDoS) attacks can cause significant damage to Internet. These attacks have many similarities to Flash Crowds (FCs) and are always difficult to distinguish. To solve this issue, this paper first divides existing methods into two categories to clarify existing researches. Moreover, after conducting an extensive analysis, a new feature set is concluded to profile DDoS and FC. Along with this feature set, this paper proposes a new method that employs Data Mining approaches to discriminate between DDoS attacks and FCs. Experiments are conducted to evaluate the proposed method based on two realworld datasets. The results demonstrate that the proposed method could achieve a high accuracy (more than 98%). Additionally, compared with a traditional entropy method, the proposed method still demonstrates better performance.

show abstract

Section: Issues and Limitationsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Distinguishing flooding distributed denial of service from flash crowds using four data mining approaches

et al. 2017

View full text Add to dashboard Cite

show abstract

“…Detection is challenging using traditional defense methodologies [2] as they tend to stay inside the network or repeat intrusions multiple times, until they are able to accomplish their goals [3]. As highly complex, sophisticated and well-resourced threats, they are often aimed towards the government sector [4] [5]. The goal of an APT attack is not just to gather a target entitys data, but to accomplish it undetected [6].…”

Section: Introductionmentioning

confidence: 99%

Dimensions of ‘Socio’ Vulnerabilities of Advanced Persistent Threats

Nicho

McDermott

2019

2019 International Conference on Software, Telecommunications and Computer Networks (SoftCOM)

View full text Add to dashboard Cite

Advanced Persistent Threats (APT) are highly targeted and sophisticated multi-stage attacks, utilizing zero day or near zero-day malware. Directed at internetworked computer users in the workplace, their growth and prevalence can be attributed to both socio (human) and technical (system weaknesses and inadequate cyber defenses) vulnerabilities. While many APT attacks incorporate a blend of socio-technical vulnerabilities, academic research and reported incidents largely depict the user as the prominent contributing factor that can weaken the layers of technical security in an organization. In this paper, our objective is to explore multiple dimensions of socio factors (non-technical vulnerabilities) that contribute to the success of APT attacks in organizations. Expert interviews were conducted with senior managers, working in government and private organizations in the United Arab Emirates (UAE) over a period of four years (2014 to 2017). Contrary to common belief that socio factors derive predominately from user behavior, our study revealed two new dimensions of socio vulnerabilities, namely the role of organizational management, and environmental factors which also contribute to the success of APT attacks. We show that the three dimensions postulated in this study can assist Managers and IT personnel in organizations to implement an appropriate mix of socio-technical countermeasures for APT threats.

show abstract

“…Most recent hacking attacks use Advance Persistent Threat (APT) with unknown vulnerabilities. [3], [22] In addition, the changes and evolution of the attacks are very fast. For this reason, the kind of framework to constantly evaluate the latest vulnerabilities and variant malicious codes is needed, rather than to verify detection capability by evaluating(identifying) the APT attack identification of information security system against past attacks.. That is, it is assumed that the requirement to verify the real function as the information security system in a real environment is premised, rather than receiving a license or a certificate.…”

Section: Introductionmentioning

confidence: 99%

On-line Shared Platform Evaluation Framework for Advanced Persistent Threats

2019

KSII TIIS

View full text Add to dashboard Cite

Advanced persistent threats (APTs) are constant attacks of specific targets by hackers using intelligent methods. All current internal infrastructures are constantly subject to APT attacks created by external and unknown malware. Therefore, information security officers require a framework that can assess whether information security systems are capable of detecting and blocking APT attacks. Furthermore, an on-line evaluation of information security systems is required to cope with various malicious code attacks. A regular evaluation of the information security system is thus essential. In this paper, we propose a dynamic updated evaluation framework to improve the detection rate of internal information systems for malware that is unknown to most (over 60 %) existing static information security system evaluation methodologies using non-updated unknown malware.

show abstract

Advance Persistent Threat

Cited by 7 publications

References 4 publications

Distinguishing flooding distributed denial of service from flash crowds using four data mining approaches

Distinguishing flooding distributed denial of service from flash crowds using four data mining approaches

Dimensions of ‘Socio’ Vulnerabilities of Advanced Persistent Threats

On-line Shared Platform Evaluation Framework for Advanced Persistent Threats

Contact Info

Product

Resources

About