[vc_row][vc_column width=”1\/2″][vc_custom_heading heading_semantic=”p” text_font=”font-213936″ text_size=”h5″ text_height=”fontheight-843833″ uncode_shortcode_id=”496158″]Kriativ-tech Volume 1, Issue 9, April 2018, Pages: xxx Received: Dec. 28, 2019; Accepted: Feb. 25, 2020. Published: Oct. 11, 2022.[\/vc_custom_heading][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]Authors[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_size=”h5″ uncode_shortcode_id=”117451″]<\/p>\n
Pedro Ramos Brand\u00e3o,\u00a0Full Professor \u2013 ISTEC Lisbon<\/p>\n
Gabriel Pereira Matos,\u00a0Computer Science MSc Student<\/p>\n
[\/vc_custom_heading][\/vc_column][vc_column width=”1\/2″][vc_custom_heading]Media[\/vc_custom_heading][vc_button button_color=”accent” border_animation=”btn-ripple-out” border_width=”0″ link=”url:http%3A%2F%2Fwww.kriativ-tech.com%2Fwp-content%2Fuploads%2F2023%2F01%2FMachine_Learning_and_APTs.pdf|target:_blank” button_color_type=”uncode-palette” uncode_shortcode_id=”184379″]PDF[\/vc_button][vc_custom_heading heading_semantic=”h4″ text_size=”h4″]To cite this article[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_size=”h6″ uncode_shortcode_id=”189586″]Pedro Ramos Brand\u00e3o, Gabriel Pereira Matos\u00a0Machine Learning and APTs<\/b>
\nDOI: 10.31112\/kriativ-tech-2022-06-79[\/vc_custom_heading][\/vc_column][\/vc_row][vc_row row_height_percent=”0″ overlay_alpha=”50″ gutter_size=”1″ column_width_percent=”100″ shift_y=”0″ z_index=”0″][vc_column column_width_percent=”100″ gutter_size=”0″ override_padding=”yes” column_padding=”1″ overlay_alpha=”50″ shift_x=”0″ shift_y=”0″ shift_y_down=”0″ z_index=”0″ medium_width=”0″ mobile_width=”0″ width=”1\/1″][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]Abstract[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_font=”font-213936″ text_size=”h5″ text_height=”fontheight-843833″ uncode_shortcode_id=”203796″]APTs, also known as Advanced Persistent Threats, are a type of cyberattack characterized by slow and stealthy methods of attack. As one of the most worrying attack methods today, it’s important to understand what they are and how they work. At the moment, there are already some techniques for detecting APTs through the training and learning method known as Machine Learning. This article introduces the definitions of APTs and machine learning clarifies the operation of APTs, and introduces and discusses some techniques for APTs detection.[\/vc_custom_heading][vc_empty_space empty_h=”2″][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]Keywords[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_size=”h5″ uncode_shortcode_id=”742376″]Advanced Persistent Threats, Cybersecurity, Machine Learning[\/vc_custom_heading][\/vc_column][\/vc_row][vc_row][vc_column column_width_percent=”100″ gutter_size=”0″ overlay_alpha=”50″ shift_x=”0″ shift_y=”0″ shift_y_down=”0″ z_index=”0″ medium_width=”0″ mobile_width=”0″ width=”1\/1″][vc_custom_heading heading_semantic=”h3″ text_size=”h3″]References[\/vc_custom_heading][vc_custom_heading heading_semantic=”p” text_font=”font-213936″ text_size=”h5″ text_height=”fontheight-843833″ uncode_shortcode_id=”203513″][1]A. Alshamrani, S. Myneni, A. Chowdhary, and D. Huang, \u201cA survey on Advanced persistent threats: Techniques, solutions, challenges, and research opportunities,\u201d IEEE Communications Surveys & Tutorials, vol. 21, no. 2, pp. 1851\u20131877, Jan. 2019.
\n[2]R. S. Ross, \u201cManaging information security risk: Organization, mission, and information system view,\u201d Special Publication (NIST SP)- 800-39, 2011.
\n[3]P. Chen, L. Desmet, and C. Huygens, \u201cA study on advanced persistent threats,\u201d in IFIP International Conference on Communications and Multimedia Security. Springer, 2014, pp. 63\u201372.
\n[4] E. M. Hutchins, M. J. Cloppert, R. M. Amin, and others, \u201cIntelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains,\u201d Leading Issues in Information Warfare & Security Research, vol. 1, no. 1, p. 80, 2011.
\n[5] A. K. Sood and R. J. Enbody, \u201cTargeted cyberattacks: a superset of advanced persistent threats,\u201d IEEE security & privacy, vol. 11, no. 1, pp. 54\u201361, 2013.
\n[6] O. S. V. D. (OSVDB), \u201cOpen source vulnerability database (osvdb),\u201d 2012.
\n[7] P. Mell, K. Scarfone, and S. Romanosky, \u201cCommon vulnerability scoring system,\u201d IEEE Security & Privacy, vol. 4, no. 6, 2006.
\n[8] M. Motoyama, D. McCoy, K. Levchenko, S. Savage, and G. M. Voelker, \u201cAn analysis of underground forums,\u201d in Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference. ACM, 2011, pp. 71\u201380.
\n[9] M. Ussath, D. Jaeger, F. Cheng, and C. Meinel, \u201cAdvanced persistent threats: Behind the scenes,\u201d in Information Science and Systems (CISS), 2016 Annual Conference on. IEEE, 2016, pp. 181\u2013186.
\n[10]A. TrendLabsSM, \u201cSpear-Phishing Email: Most Favored APT Attack Bait\u201d, 2012.
\n[11]G. O\u2019Gorman and G. McDonald, \u201cThe elderwood project\u201d. Symantec Corporation, 2012.
\n[12]W. Gragido, \u201cLions at the watering hole: The voho affair,\u201d RSA blog, vol. 20, 2012.
\n[13]D. Kindlund, D. Caselden, X. Chen, N. Moran, and M. Scott, \u201cOperation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website,\u201d FireEye, 13-Feb-2014. [Online]. Available: https:\/\/www.fireeye.com\/blog\/threat-research\/2014\/02\/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html. [Accessed: 13-Jul-2022].
\n[14]S. McClure et al., \u201cProtecting your critical assets-lessons learned from operation aurora,\u201d Tech. Rep., 2010.
\n[15]RSA FraudAction Research Labs, \u201cThe anatomy of the RSA attack,\u201d RSA blog, 01-Apr-2011. [Online]. Available: http:\/\/blogs.rsa.com\/anatomy-of-an-attack\/. [Accessed: 13-Jul-2022].
\n[16]X. Wang, K. Zheng, X. Niu, B. Wu, and C. Wu, \u201cDetection of command and control in advanced persistent threat based on independent access,\u201d in Communications (ICC), 2016 IEEE International Conference on. IEEE, 2016, pp. 1\u20136.
\n[17]B. Harris, \u201cShadows in the cloud: An investigation of cyber espionage 2.0,\u201d GovTech, 02-Aug-2010. [Online]. Available: https:\/\/www.govtech.com\/dc\/articles\/shadows-in-the-cloud-an-investigation.html. [Accessed: 13-Jul-2022].
\n[18]M. Z. Rafique, P. Chen, C. Huygens, and W. Joosen, \u201cEvolutionary algorithms for classification of malware families through different network behaviors,\u201d in Proceedings of the 2014 Annual Conference on Genetic and Evolutionary Computation, 2014, pp. 1167\u20131174.
\n[19]E. Rajalakshmi, N. Asik Ibrahim, and V. Subramaniyaswamy, \u201cA survey of machine learning techniques used to combat against the advanced persistent threat,\u201d Applications and Techniques in Information Security, pp. 159\u2013172, Nov. 2019.
\n[20]I. Ghafir, M. Hammoudeh, V. Prenosil, L. Han, R. Hegarty, K. Rabie, and F. J. Aparicio-Navarro, \u201cDetection of advanced persistent threat using machine-learning correlation analysis,\u201d Future Generation Computer Systems, vol. 89, pp. 349\u2013359, Jul. 2018.
\n[21]H. HaddadPajouh, A. Dehghantanha, R. Khayami, and K.-K. R. Choo, \u201cA deep recurrent neural network based approach for internet of things malware threat hunting,\u201d Future Generation Computer Systems, vol. 85, pp. 88\u201396, Mar. 2018.
\n[22]F. J. Aparicio-Navarro, K. G. Kyriakopoulos, Y. Gong, D. J. Parish, and J. A. Chambers, \u201cUsing Pattern-of-Life as Contextual Information for Anomaly-Based Intrusion Detection Systems,\u201d IEEE Access, vol. 5, pp. 22177\u201322193, 2017, doi: 10.1109\/ACCESS.2017.2762162.
\n[23]S.-T. Liu, Y.-M. Chen, and S.-J. Lin, \u201cA novel search engine to uncover potential victims for apt investigations,\u201d in IFIP International Conference on Network and Parallel Computing, 2013, pp. 405\u2013416.
\n[24]G. E. Hinton, \u201cDeep belief networks,\u201d Scholarpedia, vol. 4, no. 5, p. 5947, 2009.
\n[25]M. Moradi and M. Zulkernine, \u201cA neural network based system for intrusion detection and classification of attacks,\u201d in Proceedings of the IEEE international conference on advances in intelligent systems-theory and applications, 2004, pp. 15\u201318.
\n[26]M. Balduzzi, V. Ciangaglini, and R. McArdle, \u201cTargeted attacks detection with spunge,\u201d in 2013 Eleventh Annual Conference on Privacy, Security and Trust, 2013, pp. 185\u2013194.
\n[27]A. Azmoodeh, A. Dehghantanha, and K.-K. R. Choo, \u201cRobust malware detection for internet of (battlefield) things devices using deep eigenspace learning,\u201d IEEE transactions on sustainable computing, vol. 4, no. 1, pp. 88\u201395, 2018.
\n[\/vc_custom_heading][\/vc_column][\/vc_row]<\/p>\n","protected":false},"excerpt":{"rendered":"
Pedro Ramos Brand\u00e3o,\u00a0Full Professor \u2013 ISTEC Lisbon
\nGabriel Pereira Matos,\u00a0Computer Science MSc Student
\nDOI: 10.31112\/kriativ-tech-2022-06-79<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[70],"tags":[],"_links":{"self":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts\/66487"}],"collection":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=66487"}],"version-history":[{"count":2,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts\/66487\/revisions"}],"predecessor-version":[{"id":66501,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=\/wp\/v2\/posts\/66487\/revisions\/66501"}],"wp:attachment":[{"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=66487"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=66487"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.kriativ-tech.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=66487"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}