Towards a Framework to Detect Multi-Stage Advanced Persistent Threats Attacks
Instituto Tecnológico de Aeronáutica, Brazil.
Instituto Tecnológico de Aeronáutica, Brazil.
Försvarshögskolan, Militärvetenskapliga institutionen (MVI), Ledningsvetenskapliga avdelningen (LVA).
2014 (English). In: Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium, IEEE Computer Society, 2014. Conference paper, Published paper (Refereed)
Abstract [en]

Detecting and defending against Multi-Stage Advanced Persistent Threats (APT) Attacks is a challenge for mechanisms that are static in nature and based on blacklisting and malware signature techniques. Blacklists and malware signatures are designed to detect known attacks. But multi-stage attacks are dynamic, conducted in parallel, use several attack paths, and can be conducted in multi-year campaigns in order to reach the desired effect. In this paper, the design principles of a framework are presented that models Multi-Stage Attacks in a way that describes both the attack methods and the anticipated effects of attacks. The foundation for modeling behaviors is the combination of the Intrusion Kill-Chain attack model and defense patterns (i.e., a hypothesis-based approach of known patterns). The framework is implemented using Apache Hadoop with a logic layer that supports the evaluation of a hypothesis.

Place, publisher, year, edition, pages
IEEE Computer Society, 2014.
National subject category
Other Engineering and Technologies
Research subject
Command and Control Science (Ledningsvetenskap)
Identifiers
URN: urn:nbn:se:fhs:diva-5128; ISBN: 978-1-4799-2504-9 (print); OAI: oai:DiVA.org:fhs-5128; DiVA, id: diva2:777874
Conference
Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium
Available from: 2015-01-09. Created: 2015-01-09. Last updated: 2016-05-10. Bibliographically approved

Open Access in DiVA

No full text in DiVA
