Title :
Multi-agent System for APT Detection
Author :
Mees, Wim ; Debatty, Thibault
Author_Institution :
R. Mil. Acad., Brussels, Belgium
Abstract :
Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.
Keywords :
computer network security; intranets; multi-agent systems; probability; APT detection; advanced aggregation techniques; advanced persistent threats; corporate network; cyber attacks; false alarm ratio probability; firewalls; intrusion detection systems; multiagent system; network protection solutions; proxies; Detectors; Electronic mail; Malware; Multi-agent systems; Open wireless architecture; Servers;
Conference_Titel :
Software Reliability Engineering Workshops (ISSREW), 2014 IEEE International Symposium on
Conference_Location :
Naples
DOI :
10.1109/ISSREW.2014.86
