Title : 
A Context-Based Detection Framework for Advanced Persistent Threats
         
        
            Author : 
Giura, P. ; Wei Wang
         
        
            Author_Institution : 
AT&T Security Res. Center, New York, NY, USA
         
        
            Abstract : 
Besides a large set of malware categories such as worms and Trojan horses, Advanced Persistent Threat (APT) is another more sophisticated attack entity emerging in the cyber threats environment. In this paper we propose a model of the APT detection problem as well as a methodology to implement it on a generic organization network. From our knowledge, the proposed method is the first to address the problem of modeling an APT and to provide a possible detection framework.
         
        
            Keywords : 
invasive software; organisational aspects; APT detection problem; Trojan horses; advanced persistent threats; context-based detection framework; cyber threat environment; generic organization network; malware categories; worms; APT; Security;
         
        
            Conference_Title : 
Cyber Security (CyberSecurity), 2012 International Conference on
         
        
            Conference_Location : 
Washington, DC
         
        
            Print_ISBN : 
978-1-4799-0219-4
         
        
            DOI : 
10.1109/CyberSecurity.2012.16