Alerts Correlation and Causal Analysis for APT Based Cyber Attack Detection

Alerts Correlation and Causal Analysis for APT Based Cyber Attack Detection

The advent of Advanced Persistent Threat (APT) as a new concept in cyber warfare has raised many concerns in recent years. APT based cyber-attacks are usually stealthy, stepwise, slow, long-term, planned, and based on a set of varied zero-day vulnerabilities. As a result, these attacks behave as div...

Full description

Bibliographic Details
Main Authors:	Mehran Khosravi, Behrouz Tork Ladani
Format:	Article
Language:	English
Published:	IEEE 2020-01-01
Series:	IEEE Access
Subjects:	Advanced persistent threat (APT) attack process modeling alerts correlation causal analysis
Online Access:	https://ieeexplore.ieee.org/document/9186060/

Similar Items

Cyber Situation Comprehension for IoT Systems based on APT Alerts and Logs Correlation
by: Xiang Cheng, et al.
Published: (2019-09-01)

Hidden Markov Models and Alert Correlations for the Prediction of Advanced Persistent Threats
by: Ibrahim Ghafir, et al.
Published: (2019-01-01)

A Cognitive Deception Model for Generating Fake Documents to Curb Data Exfiltration in Networks During Cyber-Attacks
by: Olayiwola Tokunbo Taofeek, et al.
Published: (2022-01-01)

Collaborative Federated Learning-Based Model for Alert Correlation and Attack Scenario Recognition
by: Hadeel K. Alkhpor, et al.
Published: (2023-11-01)

Active Directory Attacks—Steps, Types, and Signatures
by: Basem Ibrahim Mokhtar, et al.
Published: (2022-08-01)

Advanced Persistent Threat Group Correlation Analysis via Attack Behavior Patterns and Rough Sets
by: Jingwen Li, et al.
Published: (2024-03-01)

Systematic Literature Review of Security Event Correlation Methods
by: Igor Kotenko, et al.
Published: (2022-01-01)

Cyber-Attack Prediction Based on Network Intrusion Detection Systems for Alert Correlation Techniques: A Survey
by: Hashim Albasheer, et al.
Published: (2022-02-01)

The Cousins of Stuxnet: Duqu, Flame, and Gauss
by: Márk Félegyházi, et al.
Published: (2012-11-01)

Insights into Organizational Security Readiness: Lessons Learned from Cyber-Attack Case Studies
by: Faisal Quader, et al.
Published: (2021-11-01)

A review of threat modelling approaches for APT-style attacks
by: Matt Tatam, et al.
Published: (2021-01-01)

An Intrusion Action-Based IDS Alert Correlation Analysis and Prediction Framework
by: Kai Zhang, et al.
Published: (2019-01-01)

BAN: Predicting APT Attack Based on Bayesian Network With MITRE ATT&CK Framework
by: Youngjoon Kim, et al.
Published: (2023-01-01)

Network Security Risk Assessment Framework Based on Tactical Correlation
by: LIU Jie-ling, LING Xiao-bo, ZHANG Lei, WANG Bo, WANG Zhi-liang, LI Zi-mu, ZHANG Hui, YANG Jia-hai, WU Cheng-nan
Published: (2022-09-01)

Classification and Analysis of Malicious Code Detection Techniques Based on the APT Attack
by: Kyungroul Lee, et al.
Published: (2023-02-01)

Honeypot game‐theoretical model for defending against APT attacks with limited resources in cyber‐physical systems
by: Wen Tian, et al.
Published: (2019-09-01)

A Novel Deep Learning Stack for APT Detection
by: Tero Bodström, et al.
Published: (2019-03-01)

APT Attack Detection Scheme Based on CK Sketch and DNS Traffic
by: Defan Xue, et al.
Published: (2023-02-01)

Intrusion Alert Framework using Semantic Web and Data Mining Approach
by: Jatuphum Juanchaiyaphum, et al.
Published: (2021-11-01)

TIM: threat context-enhanced TTP intelligence mining on unstructured threat data
by: Yizhe You, et al.
Published: (2022-02-01)

A Causal Graph-Based Approach for APT Predictive Analytics
by: Haitian Liu, et al.
Published: (2023-04-01)

A Multi-Step Attack Detection Model Based on Alerts of Smart Grid Monitoring System
by: Hua Zhang, et al.
Published: (2020-01-01)

Dataset Selection for Attacker Group Identification Methods
by: Artem Pavlov, et al.
Published: (2021-10-01)

Evaluation of Attackers’ Skill Levels in Multi-Stage Attacks
by: Terézia Mézešová, et al.
Published: (2020-11-01)

APT Attack Detection Based on Graph Convolutional Neural Networks
by: Weiwu Ren, et al.
Published: (2023-11-01)

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses
by: Zia Muhammad, et al.
Published: (2023-06-01)

Nation-State Threat Actor Attribution Using Fuzzy Hashing
by: Michal Kida, et al.
Published: (2023-01-01)

The added value of relative amide proton transfer (rAPT) to advanced multiparametric MR imaging for brain glioma characterization
by: Mai A. Mostafa, et al.
Published: (2023-10-01)

OMMA: open architecture for Operator-guided Monitoring of Multi-step Attacks
by: Julio Navarro, et al.
Published: (2018-05-01)

Attacker group detection method based on HTTP payload analysis
by: Artem V. Pavlov, et al.
Published: (2023-06-01)

Discovering Suspicious APT Behaviors by Analyzing DNS Activities
by: Guanghua Yan, et al.
Published: (2020-01-01)

Research on attack scenario reconstruction method based on causal knowledge discovery
by: Di FAN, et al.
Published: (2017-04-01)

TELER Performance as Real-Time Intrusion Detection and Threat Alert Based on Web Log-In Detecting Directory Bruteforce Attacks on Websites
by: Rio Darmawan, et al.
Published: (2023-12-01)

Advanced Persistent Threat (APT) and intrusion detection evaluation dataset for linux systems 2024
by: Syed Sohaib Karim, et al.
Published: (2024-06-01)

A Novel Method for Detecting Advanced Persistent Threat Attack Based on Belief Rule Base
by: Guozhu Wang, et al.
Published: (2021-10-01)

A systematic literature review for APT detection and Effective Cyber Situational Awareness (ECSA) conceptual model
by: Duraid Thamer Salim, et al.
Published: (2023-07-01)

Conditions determining decisions on the announcement, change and revocation of alert levels and CRP alert levels
by: Rafał Wróbel
Published: (2020-06-01)

Under false flag: using technical artifacts for cyber attack attribution
by: Florian Skopik, et al.
Published: (2020-03-01)

APT Adversarial Defence Mechanism for Industrial IoT Enabled Cyber-Physical System
by: Safdar Hussain Javed, et al.
Published: (2023-01-01)

Exploiting the Outcome of Outlier Detection for Novel Attack Pattern Recognition on Streaming Data
by: Michael Heigl, et al.
Published: (2021-09-01)