Logo: to the web site of the Swedish Defence University

fhs.se
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard-cite-them-right
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Towards a Framework to Detect Multi-Stage Advanced Persistent Threats Attacks
Instituto Tecnológico de Aeronáutica, Brasilien.
Instituto Tecnológico de Aeronáutica, Brasilien.
Swedish National Defence College, Department of Military Studies, Command & Control Studies Division.
2014 (English)In: Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium, IEEE Computer Society, 2014Conference paper, Published paper (Refereed)
Abstract [en]

Detecting and defending against Multi-Stage Advanced Persistent Threats (APT) Attacks is a challenge for mechanisms that are static in its nature and are based on blacklisting and malware signature techniques. Blacklists and malware signatures are designed to detect known attacks. But multi-stage attacks are dynamic, conducted in parallel and use several attack paths and can be conducted in multi-year campaigns, in order to reach the desired effect. In this paper the design principles of a framework are presented that model Multi-Stage Attacks in a way that both describes the attack methods as well as the anticipated effects of attacks. The foundation to model behaviors is by the combination of the Intrusion Kill-Chain attack model and defense patterns (i.e. a hypothesis based approach of known patterns). The implementation of the framework is made by using Apache Hadoop with a logic layer that supports the evaluation of a hypothesis.
Place, publisher, year, edition, pages
IEEE Computer Society, 2014.
National Category
Other Engineering and Technologies
Research subject
Ledningsvetenskap
Identifiers
URN: urn:nbn:se:fhs:diva-5128ISBN: 978-1-4799-2504-9 (print)OAI: oai:DiVA.org:fhs-5128DiVA, id: diva2:777874
Conference
Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium
Available from: 2015-01-09 Created: 2015-01-09 Last updated: 2025-09-29Bibliographically approved

Open Access in DiVA

No full text in DiVA

By organisation
Command & Control Studies Division
Other Engineering and Technologies

Search outside of DiVA

GoogleGoogle Scholar

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 825 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard-cite-them-right
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
DiVA log in
|
The Anna Lindh Library
|
DiVA portal
|
WCAG