Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 87760
An Architectural Model for APT Detection
Authors: Nam-Uk Kim, Sung-Hwan Kim, Tai-Myoung Chung
Abstract:
Typical security management systems are not suitable for detecting APT attack, because they cannot draw the big picture from trivial events of security solutions. Although SIEM solutions have security analysis engine for that, their security analysis mechanisms need to be verified in academic field. Although this paper proposes merely an architectural model for APT detection, we will keep studying on correlation analysis mechanism in the future.Keywords: advanced persistent threat, anomaly detection, data mining
Procedia PDF Downloads 530