Multi-agent system for APT detection

Wim Mees; Thibault Debatty

doi:10.1109/ISSREW.2014.86

Multi-agent system for APT detection

Wim Mees, Thibault Debatty

Cyber Defence Lab

Publikation: Beitrag in Buch/Bericht/Konferenzband › Konferenzbeitrag › Begutachtung

Abstract

Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.

Originalsprache	Englisch
Titel	Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014
Herausgeber (Verlag)	Institute of Electrical and Electronics Engineers Inc.
Seiten	401-406
Seitenumfang	6
ISBN (elektronisch)	9781479973774
DOIs	https://doi.org/10.1109/ISSREW.2014.86
Publikationsstatus	Veröffentlicht - 12 Dez. 2014
Veranstaltung	25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014 - Naples, Italien Dauer: 3 Nov. 2014 → 6 Nov. 2014

Publikationsreihe

Name	Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

Konferenz

Konferenz	25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014
Land/Gebiet	Italien
Ort	Naples
Zeitraum	3/11/14 → 6/11/14

Zugriff auf Dokument

10.1109/ISSREW.2014.86

Andere Dateien und Links

Verknüpfung zur Publikation in Scopus

Dieses zitieren

Mees, W., & Debatty, T. (2014). Multi-agent system for APT detection. in Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014 (S. 401-406). Artikel 6983874 (Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISSREW.2014.86

@inproceedings{ee1824b51e8b42088b3bb57d1d75bf12,

title = "Multi-agent system for APT detection",

abstract = "Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.",

author = "Wim Mees and Thibault Debatty",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014 ; Conference date: 03-11-2014 Through 06-11-2014",

year = "2014",

month = dec,

day = "12",

doi = "10.1109/ISSREW.2014.86",

language = "English",

series = "Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "401--406",

booktitle = "Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014",

}

Mees, W & Debatty, T 2014, Multi-agent system for APT detection. in Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014., 6983874, Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014, Institute of Electrical and Electronics Engineers Inc., S. 401-406, 25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014, Naples, Italien, 3/11/14. https://doi.org/10.1109/ISSREW.2014.86

Multi-agent system for APT detection. / Mees, Wim ; Debatty, Thibault.
Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014. Institute of Electrical and Electronics Engineers Inc., 2014. S. 401-406 6983874 (Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Konferenzbeitrag › Begutachtung

TY - GEN

T1 - Multi-agent system for APT detection

AU - Mees, Wim

AU - Debatty, Thibault

PY - 2014/12/12

Y1 - 2014/12/12

N2 - Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.

AB - Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.

UR - https://www.scopus.com/pages/publications/84922598659

U2 - 10.1109/ISSREW.2014.86

DO - 10.1109/ISSREW.2014.86

M3 - Conference contribution

AN - SCOPUS:84922598659

T3 - Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

SP - 401

EP - 406

BT - Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

Y2 - 3 November 2014 through 6 November 2014

ER -

Mees W , Debatty T. Multi-agent system for APT detection. in Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014. Institute of Electrical and Electronics Engineers Inc. 2014. S. 401-406. 6983874. (Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014). doi: 10.1109/ISSREW.2014.86

Multi-agent system for APT detection

Abstract

Publikationsreihe

Konferenz

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Dieses zitieren