Applying Deep Learning to the Detection of Advanced Persistent Threats
Author | : Qingtian Zou |
Release | : 2023 |
ISBN-10 | : OCLC:1401230865 |
Book excerpt: As people rely more and more on computers in their lives and work, their security is also attracting more and more attention. Among various computer attacks, some of the most serious are advanced persistent threats (APTs), where the attackers are usually backed by organizations or even governments. An APT can remain undetected for a long time span and lead to undesirable consequences such as stealing of sensitive data, broken workflow, and so on. To achieve the attack goal, attackers usually leverage specific tactics that utilize a variety of techniques. In this dissertation, deep learning-based detection methods against several network attacks are first proposed. Also, a protocol fuzzing-based network data generation approach is proposed to generate data for neural network training, and it is shown that this approach can generate high-quality data. Furthermore, a framework to detect APT campaigns incorporating network attacks is proposed. The framework takes previously seen APT tactics, logs and system configuration files as input, and generates a ranked list of APT tactics based on completeness. However, it should be noted that a system's security level is determined by the weakest component inside this system. Therefore, how secure the deep learning systems are should also be evaluated. Specifically, the questions of how attackers can launch stealthy attacks when the detection neural networks are in place, and what the difficulties are, are answered. Finally, security analysis of the ML system is also proposed.