Expert knowledge and data analysis for detecting advanced persistent threats

Juan Ramón Moya; Noemí DeCastro-García; Ramón-Ángel Fernández-Díaz; Jorge Lorenzana Tamargo

Open Mathematics (2017)

  • Volume: 15, Issue: 1, page 1108-1122
  • ISSN: 2391-5455

Abstract

Critical infrastructures in public administration would be compromised by Advanced Persistent Threats (APTs), which today constitute one of the most sophisticated ways of stealing information. This paper presents an effective, learning-based tool that uses inductive techniques to analyze the information provided by firewall log files in an IT infrastructure and to detect suspicious activity in order to mark it as a potential APT. The experiments have been carried out mixing real and synthetic data traffic to represent different proportions of normal and anomalous activity.

How to cite

Juan Ramón Moya, et al. "Expert knowledge and data analysis for detecting advanced persistent threats." Open Mathematics 15.1 (2017): 1108-1122. <http://eudml.org/doc/288548>.

@article{JuanRamónMoya2017,
abstract = {Critical Infrastructures in public administration would be compromised by Advanced Persistent Threats (APT) which today constitute one of the most sophisticated ways of stealing information. This paper presents an effective, learning based tool that uses inductive techniques to analyze the information provided by firewall log files in an IT infrastructure, and detect suspicious activity in order to mark it as a potential APT. The experiments have been accomplished mixing real and synthetic data traffic to represent different proportions of normal and anomalous activity.},
author = {Juan Ramón Moya, Noemí DeCastro-García, Ramón-Ángel Fernández-Díaz, Jorge Lorenzana Tamargo},
journal = {Open Mathematics},
keywords = {Advanced persistent threat; Cybersecurity; Data mining; Expert knowledge},
language = {eng},
number = {1},
pages = {1108-1122},
title = {Expert knowledge and data analysis for detecting advanced persistent threats},
url = {http://eudml.org/doc/288548},
volume = {15},
year = {2017},
}

TY - JOUR
AU - Juan Ramón Moya
AU - Noemí DeCastro-García
AU - Ramón-Ángel Fernández-Díaz
AU - Jorge Lorenzana Tamargo
TI - Expert knowledge and data analysis for detecting advanced persistent threats
JO - Open Mathematics
PY - 2017
VL - 15
IS - 1
SP - 1108
EP - 1122
AB - Critical Infrastructures in public administration would be compromised by Advanced Persistent Threats (APT) which today constitute one of the most sophisticated ways of stealing information. This paper presents an effective, learning based tool that uses inductive techniques to analyze the information provided by firewall log files in an IT infrastructure, and detect suspicious activity in order to mark it as a potential APT. The experiments have been accomplished mixing real and synthetic data traffic to represent different proportions of normal and anomalous activity.
LA - eng
KW - Advanced persistent threat; Cybersecurity; Data mining; Expert knowledge
UR - http://eudml.org/doc/288548
ER -
