Proposed Approach for Targeted Attacks Detection

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F16%3A00087688" target="_blank" >RIV/00216224:14330/16:00087688 - isvavai.cz</a>

Výsledek na webu

<a href="http://link.springer.com/chapter/10.1007%2F978-3-319-24584-3_7" target="_blank" >http://link.springer.com/chapter/10.1007%2F978-3-319-24584-3_7</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1007/978-3-319-24584-3_7" target="_blank" >10.1007/978-3-319-24584-3_7</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Proposed Approach for Targeted Attacks Detection

Popis výsledku v původním jazyce

For years governments, organizations and companies have made great efforts to keep hackers, malware, cyber attacks at bay with different degrees of success. On the other hand, cyber criminals and miscreants produced more advanced techniques to compromise Internet infrastructure. Targeted attack or advanced persistent threat (APT) attack is a new challenge and aims to accomplish a specific goal, most often espionage. APTs are presently the biggest threat to governments and organizations. This paper states research questions and propose a novel approach to intrusion detection system processes network traffic and able to detect potential APT attack. This detection of APT attack is based on the correlation between the events which we get as outputs of our detection methods. Each detection method aims to detect one technique used in one of APT attack steps.

Název v anglickém jazyce

Proposed Approach for Targeted Attacks Detection

Popis výsledku anglicky

For years governments, organizations and companies have made great efforts to keep hackers, malware, cyber attacks at bay with different degrees of success. On the other hand, cyber criminals and miscreants produced more advanced techniques to compromise Internet infrastructure. Targeted attack or advanced persistent threat (APT) attack is a new challenge and aims to accomplish a specific goal, most often espionage. APTs are presently the biggest threat to governments and organizations. This paper states research questions and propose a novel approach to intrusion detection system processes network traffic and able to detect potential APT attack. This detection of APT attack is based on the correlation between the events which we get as outputs of our detection methods. Each detection method aims to detect one technique used in one of APT attack steps.

Druh

D - Stať ve sborníku

CEP obor

IN - Informatika

OECD FORD obor

—

Projekt

<a href="/cs/project/OFMASUN201301" target="_blank" >OFMASUN201301: CIRC - Mobilní dedikované zařízení pro naplňování schopností reakce na počítačové incidenty</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2016

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Advanced Computer and Communication Engineering Technology, Lecture Notes in Electrical Engineering

ISBN

9783319245829

ISSN

1876-1100

e-ISSN

—

Počet stran výsledku

8

Strana od-do

73-80

Název nakladatele

Springer International Publishing

Místo vydání

Phuket

Místo konání akce

Phuket

Datum konání akce

1. 1. 2016

Typ akce podle státní příslušnosti

CST - Celostátní akce

Kód UT WoS článku

—