A framework of APT detection based on packets analysis and host destination
So far, APT (Advanced Persistent Threats) is a constant concern for information security. Despite that, many approaches have been used in order to detect APT attacks, such as change controlling, sandboxing and network traffic analysis. However, success of 100% couldn’t be achieved. Current studies...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
University of Baghdad.
2020
|
| Subjects: | |
| Online Access: | http://repo.uum.edu.my/26786/1/IJS%2060%201%202020%20215%20222.pdf http://repo.uum.edu.my/26786/ http://scbaghdad.edu.iq/eijs/index.php/eijs/issue/view/31 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Utara Malaysia |
| Language: | English |
| id |
my.uum.repo.26786 |
|---|---|
| record_format |
eprints |
| spelling |
my.uum.repo.267862020-02-12T07:20:17Z http://repo.uum.edu.my/26786/ A framework of APT detection based on packets analysis and host destination Alminshid, Khalid Abdulrazzaq Abdulnabi Omar, Mohd Nizam QA75 Electronic computers. Computer science So far, APT (Advanced Persistent Threats) is a constant concern for information security. Despite that, many approaches have been used in order to detect APT attacks, such as change controlling, sandboxing and network traffic analysis. However, success of 100% couldn’t be achieved. Current studies have illustrated that APTs adopt many complex techniques to evade all detection types. This paper describes and analyzes APT problems by analyzing the most common techniques, tools and pathways used by attackers. In addition, it highlights the weaknesses and strengths of the existing security solutions that have been used since the threat was identified in 2006 until 2019. Furthermore, this research proposes a new framework that can be used to repel this threat based on APT activity with network traffic through packets analysis and host destination. University of Baghdad. 2020 Article PeerReviewed application/pdf en http://repo.uum.edu.my/26786/1/IJS%2060%201%202020%20215%20222.pdf Alminshid, Khalid Abdulrazzaq Abdulnabi and Omar, Mohd Nizam (2020) A framework of APT detection based on packets analysis and host destination. Iraqi Journal of Science, 2020, 61 (1). pp. 215-22. ISSN 0067-2904 http://scbaghdad.edu.iq/eijs/index.php/eijs/issue/view/31 |
| institution |
Universiti Utara Malaysia |
| building |
UUM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Utara Malaysia |
| content_source |
UUM Institutional Repository |
| url_provider |
http://repo.uum.edu.my/ |
| language |
English |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Alminshid, Khalid Abdulrazzaq Abdulnabi Omar, Mohd Nizam A framework of APT detection based on packets analysis and host destination |
| description |
So far, APT (Advanced Persistent Threats) is a constant concern for information security. Despite that, many approaches have been used in order to detect APT attacks, such as change controlling, sandboxing and network traffic analysis. However, success of 100% couldn’t be achieved. Current studies have illustrated
that APTs adopt many complex techniques to evade all detection types. This paper describes and analyzes APT problems by analyzing the most common techniques, tools and pathways used by attackers. In addition, it highlights the weaknesses and
strengths of the existing security solutions that have been used since the threat was identified in 2006 until 2019. Furthermore, this research proposes a new framework that can be used to repel this threat based on APT activity with network traffic through packets analysis and host destination. |
| format |
Article |
| author |
Alminshid, Khalid Abdulrazzaq Abdulnabi Omar, Mohd Nizam |
| author_facet |
Alminshid, Khalid Abdulrazzaq Abdulnabi Omar, Mohd Nizam |
| author_sort |
Alminshid, Khalid Abdulrazzaq Abdulnabi |
| title |
A framework of APT detection based on packets analysis and host destination |
| title_short |
A framework of APT detection based on packets analysis and host destination |
| title_full |
A framework of APT detection based on packets analysis and host destination |
| title_fullStr |
A framework of APT detection based on packets analysis and host destination |
| title_full_unstemmed |
A framework of APT detection based on packets analysis and host destination |
| title_sort |
framework of apt detection based on packets analysis and host destination |
| publisher |
University of Baghdad. |
| publishDate |
2020 |
| url |
http://repo.uum.edu.my/26786/1/IJS%2060%201%202020%20215%20222.pdf http://repo.uum.edu.my/26786/ http://scbaghdad.edu.iq/eijs/index.php/eijs/issue/view/31 |
| _version_ |
1662757777656774656 |