Towards a Framework to Detect Multi-Stage Advanced Persistent Threats Attacks
Instituto Tecnológico de Aeronáutica, Brazil.
Instituto Tecnológico de Aeronáutica, Brazil.
Swedish National Defence College, Department of Military Studies, Command & Control Studies Division.
2014 (English)
In: Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium, IEEE Computer Society, 2014
Conference paper, Published paper (Refereed)
Abstract [en]

Detecting and defending against Multi-Stage Advanced Persistent Threat (APT) attacks is a challenge for mechanisms that are static in nature and rely on blacklisting and malware-signature techniques. Blacklists and malware signatures are designed to detect known attacks. Multi-stage attacks, however, are dynamic, are conducted in parallel over several attack paths, and can run as multi-year campaigns in order to reach the desired effect. In this paper the design principles of a framework are presented that models Multi-Stage Attacks in a way that describes both the attack methods and the anticipated effects of the attacks. Behaviors are modeled by combining the Intrusion Kill-Chain attack model with defense patterns (i.e. a hypothesis-based approach built on known patterns). The framework is implemented on Apache Hadoop with a logic layer that supports the evaluation of a hypothesis.

Place, publisher, year, edition, pages
IEEE Computer Society, 2014.
National Category
Other Engineering and Technologies
Research subject
Command and Control Science (Ledningsvetenskap)
Identifiers
URN: urn:nbn:se:fhs:diva-5128
ISBN: 978-1-4799-2504-9 (print)
OAI: oai:DiVA.org:fhs-5128
DiVA: diva2:777874
Conference
Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium
Available from: 2015-01-09
Created: 2015-01-09
Last updated: 2016-05-10
Bibliographically approved

Open Access in DiVA

No full text
