Downloads: 3 | Views: 229

Research Paper | Computer Science | Nigeria | Volume 10 Issue 8, August 2021 | Popularity: 4.9 / 10

Rate This Article!      

A Data Driven Anomaly Based Behavior Detection Method for Advanced Persistent Threats (APT)

Ezefosie Nkiru, Ohemu Monday Fredrick

Abstract: Advanced Persistent Threats (APT), represents sophisticated and enduring network intrusion campaigns targeting sensitive information from targeted organizations and operating over long period. These types of threats are much harder to detect using signature - based methods. Anomaly - based, which consists of monitoring system activity to determine whether an observed activity is normal or abnormal, according to a heuristic or statistical analysis, can be used to detect unknown attacks, but despite all significant research efforts, such techniques still suffer from a high number of false positive. Detecting APTs is complex because it tends to follow a ?low and slow? attack profile that is very difficult to distinguish from normal, legitimate activity. The volume of data that must be analyzed is overwhelming. One technology that holds promise for detecting these kind of attack that is nearly invisible is Big data analytics. In this work, we propose a data driven anomaly based behavior detection method which aims to leverage big data methods, capable of processing significant amounts of data from diverse or several data sources. Big data analytics will significantly enhance or improve the detection capabilities, enabling to detect Advanced Persistent Threats (APT) activities that are passing under the radar of traditional security solutions.

Keywords: Big data, Advanced Persistent Threats, Big data analytics, network intrusion, Hadoop

Edition: Volume 10 Issue 8, August 2021

Pages: 663 - 667

DOI: https://www.doi.org/10.21275/SR21726172522

Make Sure to Disable the Pop-Up Blocker of Web Browser

Click to Cite this Article

Similar Articles