Multi-agent system for APT detection

Wim Mees; Thibault Debatty

doi:10.1109/ISSREW.2014.86

Multi-agent system for APT detection

Cyber Defence Lab

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/Congresprocedure › Conferentiebijdrage › peer review

2 Citaten (Scopus)

Samenvatting

Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.

Originele taal-2	Engels
Titel	Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014
Uitgeverij	Institute of Electrical and Electronics Engineers Inc.
Pagina's	401-406
Aantal pagina's	6
ISBN van elektronische versie	9781479973774
DOI's	https://doi.org/10.1109/ISSREW.2014.86
Status	Gepubliceerd - 12 dec. 2014
Evenement	25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014 - Naples, Italië Duur: 3 nov. 2014 → 6 nov. 2014

Publicatie series

Naam	Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

Congres

Congres	25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014
Land/Regio	Italië
Stad	Naples
Periode	3/11/14 → 6/11/14

Toegang tot document

10.1109/ISSREW.2014.86

Andere bestanden en links

Link naar publicatie in Scopus

Citeer dit

Mees, W., & Debatty, T. (2014). Multi-agent system for APT detection. In Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014 (blz. 401-406). Artikel 6983874 (Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISSREW.2014.86

@inproceedings{ee1824b51e8b42088b3bb57d1d75bf12,

title = "Multi-agent system for APT detection",

abstract = "Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.",

author = "Wim Mees and Thibault Debatty",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014 ; Conference date: 03-11-2014 Through 06-11-2014",

year = "2014",

month = dec,

day = "12",

doi = "10.1109/ISSREW.2014.86",

language = "English",

series = "Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "401--406",

booktitle = "Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014",

}

Mees, W & Debatty, T 2014, Multi-agent system for APT detection. in Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014., 6983874, Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014, Institute of Electrical and Electronics Engineers Inc., blz. 401-406, 25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014, Naples, Italië, 3/11/14. https://doi.org/10.1109/ISSREW.2014.86

Multi-agent system for APT detection. / Mees, Wim ; Debatty, Thibault.
Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014. Institute of Electrical and Electronics Engineers Inc., 2014. blz. 401-406 6983874 (Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014).

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/Congresprocedure › Conferentiebijdrage › peer review

TY - GEN

T1 - Multi-agent system for APT detection

AU - Mees, Wim

AU - Debatty, Thibault

PY - 2014/12/12

Y1 - 2014/12/12

N2 - Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.

AB - Advanced Persistent Threats (APTs) are targeted cyber attacks committed over a long period of time by highly skilled attackers. The ever increasing number of successful attacks indicates that classical network protection solutions (firewalls, Intrusion Detections Systems, proxies etc.) are no longer sufficient. Therefore, in this paper we propose a new system that combines multiples approaches using advanced aggregation techniques to achieve a better detection performance. We also test the system on real data from a small corporate network, and show that our system is able to attain a high probability of detection to probability of false alarm ratio.

UR - https://www.scopus.com/pages/publications/84922598659

U2 - 10.1109/ISSREW.2014.86

DO - 10.1109/ISSREW.2014.86

M3 - Conference contribution

AN - SCOPUS:84922598659

T3 - Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

SP - 401

EP - 406

BT - Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2014

Y2 - 3 November 2014 through 6 November 2014

ER -

Mees W , Debatty T. Multi-agent system for APT detection. In Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014. Institute of Electrical and Electronics Engineers Inc. 2014. blz. 401-406. 6983874. (Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014). doi: 10.1109/ISSREW.2014.86

Multi-agent system for APT detection

Samenvatting

Publicatie series

Congres

Toegang tot document

Andere bestanden en links

Vingerafdruk

Citeer dit