dc.contributor.author | Bodström, Tero | |
dc.contributor.author | Hämäläinen, Timo | |
dc.contributor.editor | Chen, Xuemin | |
dc.contributor.editor | Sen, Arunabha | |
dc.contributor.editor | Li, Wei Wayne | |
dc.contributor.editor | Thai, My T. | |
dc.date.accessioned | 2018-12-19T08:24:35Z | |
dc.date.available | 2019-11-18T22:35:39Z | |
dc.date.issued | 2018 | |
dc.identifier.citation | Bodström, T., & Hämäläinen, T. (2018). A Novel Method for Detecting APT Attacks by Using OODA Loop and Black Swan Theory. In X. Chen, A. Sen, W. W. Li, & M. T. Thai (Eds.), Computational Data and Social Networks : 7th International Conference, CSoNet 2018, December 18-20, 2018, Shanghai, China, Proceedings (pp. 498-509). Springer. Lecture Notes in Computer Science, 11280. https://doi.org/10.1007/978-3-030-04648-4_42 | |
dc.identifier.other | CONVID_28767782 | |
dc.identifier.other | TUTKAID_79786 | |
dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/60675 | |
dc.description.abstract | Advanced Persistent Threat (APT) attacks are a major concern for the modern societal digital infrastructures due to their highly sophisticated nature. The purpose of these attacks varies from long period espionage in high level environment to causing maximal destruction for targeted cyber environment. Attackers are skilful and well funded by governments in many cases. Due to sophisticated methods it is highly important to study proper countermeasures to detect these attacks as early as possible. Current detection methods underperform, causing situations where an attack can continue for months or even years in a targeted environment. We propose a novel method for analysing APT attacks through OODA loop and Black Swan theory by defining them as multivector multi-stage attacks with continuous strategical ongoing campaign. Additionally it is important to notice that for developing better performing detection methods, we have to find the most common factor within these attacks. We can state that the most common factor of APT attacks is communication, thus environment has to be developed in a way that we are able to capture complete network flow and analyse it. | fi |
dc.format.extent | 544 | |
dc.format.mimetype | application/pdf | |
dc.language.iso | eng | |
dc.publisher | Springer | |
dc.relation.ispartof | Computational Data and Social Networks : 7th International Conference, CSoNet 2018, December 18-20, 2018, Shanghai, China, Proceedings | |
dc.relation.ispartofseries | Lecture Notes in Computer Science | |
dc.rights | In Copyright | |
dc.subject.other | Advanced Persistent Threat (APT) | |
dc.subject.other | OODA loop | |
dc.subject.other | Black Swan theory | |
dc.subject.other | network anomaly detection | |
dc.title | A Novel Method for Detecting APT Attacks by Using OODA Loop and Black Swan Theory | |
dc.type | conferenceObject | |
dc.identifier.urn | URN:NBN:fi:jyu-201812145146 | |
dc.contributor.laitos | Informaatioteknologian tiedekunta | fi |
dc.contributor.laitos | Faculty of Information Technology | en |
dc.contributor.oppiaine | Tietojärjestelmätiede | fi |
dc.contributor.oppiaine | Information Systems Science | en |
dc.type.uri | http://purl.org/eprint/type/ConferencePaper | |
dc.date.updated | 2018-12-14T13:15:20Z | |
dc.relation.isbn | 978-3-030-04647-7 | |
dc.type.coar | http://purl.org/coar/resource_type/c_5794 | |
dc.description.reviewstatus | peerReviewed | |
dc.format.pagerange | 498-509 | |
dc.relation.issn | 0302-9743 | |
dc.relation.numberinseries | 11280 | |
dc.type.version | acceptedVersion | |
dc.rights.copyright | © Springer Nature Switzerland AG 2018. | |
dc.rights.accesslevel | openAccess | fi |
dc.relation.conference | International Conference on Computational Social Networks | |
dc.format.content | fulltext | |
dc.rights.url | http://rightsstatements.org/page/InC/1.0/?language=en | |
dc.rights.accessrights | | |
dc.relation.doi | 10.1007/978-3-030-04648-4_42 | |
dc.type.okm | A4 | |