A Novel Deep Learning Stack for APT Detection
Bodström, T., & Hämäläinen, T. (2019). A Novel Deep Learning Stack for APT Detection. Applied Sciences, 9(6), Article 1055. https://doi.org/10.3390/app9061055
Published in Applied Sciences
© 2019 by The Authors. Licensee MDPI, Basel, Switzerland.
We present a novel Deep Learning (DL) stack for detecting Advanced Persistent Threat (APT) attacks. This model is based on a theoretical approach where an APT is observed as a multi-vector multi-stage attack with a continuous strategic campaign. To capture these attacks, the entire network flow and particularly raw data must be used as an input for the detection process. By combining different types of tailored DL-methods, it is possible to capture certain types of anomalies and behaviour. Our method essentially breaks down a bigger problem into smaller tasks, tries to solve these sequentially and finally returns a conclusive result. This concept paper outlines, for example, the problems and possible solutions for the tasks. Additionally, we describe how we will be developing, implementing and testing the method in the near future.
ISSN 2076-3417
Showing items with similar title or keywords.
Unsupervised network intrusion detection systems for zero-day fast-spreading network attacks and botnets. Vahdani Amoli, Payam (University of Jyväskylä, 2015). Today, the occurrence of zero-day and complex attacks in high-speed networks is increasingly common due to the high number of vulnerabilities in the cyber world. As a result, intrusions become more sophisticated and fast ...
State of the Art Literature Review on Network Anomaly Detection with Deep Learning. Bodström, Tero; Hämäläinen, Timo (Springer, 2018). As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems ...
State of the art literature review on Network Anomaly Detection. Bodström, Tero; Hämäläinen, Timo (Springer, 2018). As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems ...
A Network-Based Framework for Mobile Threat Detection. Kumar, Sanjay; Viinikainen, Ari; Hämäläinen, Timo (IEEE, 2018). Mobile malware attacks increased threefold in the past few years and continued to expand with the growing number of mobile users. Adversaries use a variety of evasion techniques to avoid detection by traditional systems, ...
Intrusion detection applications using knowledge discovery and data mining Juvonen, Antti (University of Jyväskylä, 2014)