  • DocumentCode
    187448
  • Title
    Multi-agent System for APT Detection
  • Author
    Mees, Wim ; Debatty, Thibault
  • Author_Institution
    R. Mil. Acad., Brussels, Belgium
  • fYear
    2014
  • fDate
    3-6 Nov. 2014
  • Firstpage
    401
  • Lastpage
    406
  • Abstract
    Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever-increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detection Systems, proxies, etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiple approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.
  • Keywords
    computer network security; intranets; multi-agent systems; probability; APT detection; advanced aggregation techniques; advanced persistent threats; corporate network; cyber attacks; false alarm ratio probability; firewalls; intrusion detection systems; multiagent system; network protection solutions; proxies; Detectors; Electronic mail; Malware; Multi-agent systems; Open wireless architecture; Servers;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Reliability Engineering Workshops (ISSREW), 2014 IEEE International Symposium on
  • Conference_Location
    Naples
  • Type
    conf
  • DOI
    10.1109/ISSREW.2014.86
  • Filename
    6983874