Machine Learning for APT Detection
-
Published:2023-09-16
Issue:18
Volume:15
Page:13820
-
ISSN:2071-1050
-
Container-title:Sustainability
-
language:en
-
Short-container-title:Sustainability
Author:
AL-Aamri Abdullah Said1, Abdulghafor Rawad12, Turaev Sherzod3ORCID, Al-Shaikhli Imad1, Zeki Akram1, Talib Shuhaili1
Affiliation:
1. Department of Computer Science, Faculty of Information and Communication Technology, International Islamic University Malaysia, Kuala Lumpur 53100, Malaysia 2. Faculty of Computer Studies (FCS), Arab Open University-Oman, Muscat P.O. Box 1596, Oman 3. Department of Computer Science and Software Engineering, College of Information Technology, United Arab Emirates University, Al Ain 15551, United Arab Emirates
Abstract
Nowadays, countries face a multitude of electronic threats that have permeated almost all business sectors, be it private corporations or public institutions. Among these threats, advanced persistent threats (APTs) stand out as a well-known example. APTs are highly sophisticated and stealthy computer network attacks meticulously designed to gain unauthorized access and persist undetected threats within targeted networks for extended periods. They represent a formidable cybersecurity challenge for governments, corporations, and individuals alike. Recognizing the gravity of APTs as one of the most critical cybersecurity threats, this study aims to reach a deeper understanding of their nature and propose a multi-stage framework for automated APT detection leveraging time series data. Unlike previous models, the proposed approach has the capability to detect real-time attacks based on stored attack scenarios. This study conducts an extensive review of existing research, identifying its strengths, weaknesses, and opportunities for improvement. Furthermore, standardized techniques have been enhanced to enhance their effectiveness in detecting APT attacks. The learning process relies on datasets sourced from various channels, including journal logs, traceability audits, and systems monitoring statistics. Subsequently, an efficient APT detection and prevention system, known as the composition-based decision tree (CDT), has been developed to operate in complex environments. The obtained results demonstrate that the proposed approach consistently outperforms existing algorithms in terms of detection accuracy and effectiveess.
Subject
Management, Monitoring, Policy and Law,Renewable Energy, Sustainability and the Environment,Geography, Planning and Development,Building and Construction
Reference40 articles.
1. Dive into Deep Learning;Czum;J. Am. Coll. Radiol.,2020 2. Ahmad, W., Rasool, A., Javed, A.R., Baker, T., and Jalil, Z. (2022). Cyber security in IoT-based cloud computing: A comprehensive survey. Electronics, 11. 3. Groenendaal, J., Helsloot, I., and Reuter, C. (2022, January 22–25). Towards More Insight into Cyber Incident Response Decision Making and its Implications for Cyber Crisis Management. Proceedings of the ISCRAM 2022 Conference Proceedings–19th International Conference on Information Systems for Crisis Response and Management, Tarbes, France. 4. Threats Detection in the Internet of Things Using Convolutional neural networks, long short-term memory, and gated recurrent units;Bajao;Mesopotamian J. Cybersecur.,2023 5. The Purpose of Cybersecurity Governance in the Digital Transformation of Public Services and Protecting the Digital Environment;Mijwil;Mesopotamian J. Cybersecur.,2023
|
|